ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [TLS] TLS WG Chair Comments on draft-ietf-tls-authz-07

2009-02-12 18:28:57
from [Peter Sylvester] [Permanent Link]
and that there are some non-trivial advantages to carrying authorizations in-band.
Namely... 
Independance between payload and security measures.
Piggybagging information on lower layers is a very old concept.

https was successful over shttp.

I think the patent is made by trolls. There seems to be
lots of evidence of prior art. sending an OSCP
response as part of the TLS session setup
is a standard, where is the difference?

The current hacks to carry SAML assertion using additional
http connection is inefficient, mildly speaking. 
The authz has technical problems.
I encourage the TLS working group members to
seriously treat the issue.

Peter Sylvester





_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: IETF and open source license compatibility, Harald Alvestrand
Next by Date:  Changes needed to Last Call boilerplate, Noel Chiappa
Previous by Thread:  Re: [TLS] TLS WG Chair Comments on draft-ietf-tls-authz-07, Melinda Shore
Next by Thread:  No to patent emcumbered standards, cramhead
Indexes:  [Date] [Thread] [Top] [All Lists]