[ogsa-wg] Newly-updated Express AuthN Profile (EAP) docs

[Duane Merrill]

The three "Express Authentication Profile" documents have undergone a 
further revision and have been posted to the OGSA Gridforge document 
repository.  If you are (or are about to) socialize these documents 
amongst colleagues, please refer them to the latest versions. 

Changes of note:

    * Updates from Hiro's round of comments.
    * Fixed problem of identifying WSA headers for signing: added XPath
      expression to indicate all headers containing
      "IsReferenceParameter=true" attribute.
    * Fixed duplicate policy id issue with respect to supplemental
      input/output message protection policies.
    * Wordsmithing on introduction to "get to the point" quicker.
    * Other minor edits for clarity.

Cheers,

Duane


Duane Merrill wrote:
> All, I've updated the three EAP security profile documents on Gridforge 
> with some minor revisions, including clarifications, fixes to 
> requirement-numbering inconsistencies, and added an example SOAP message 
> meeting the requirements of the X.509 message-level binding assertion 
> policy.
>
> A question for the group: Would it be a good idea to also profile a 
> Kerberos message-level binding assertion policy within the 
> OGSA-SP-SecureSoapMessaging profile?  The document currently profiles 
> X.509 and UsernameToken binding policies, primarily because of their 
> widespread use / ease-of-adoption.  Thoughts?
>
> Duane
>
>
>
> --
>   ogsa-wg mailing list
>   ogsa-wg at ogf.org
>   http://www.ogf.org/mailman/listinfo/ogsa-wg
>   

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.ogf.org/pipermail/ogsa-wg/attachments/20070914/0b0165ac/attachment.html