v1.1 of the draft report
Hi all -

Thanks to your excellent feedback, the wiki and word doc have been significantly updated. That does not, however, mean I'm done pestering you about it yet! I'm focusing on the section regarding Protocols which currently states:

---
Protocols
How do you move attributes around?
Efforts in this space:
SAML
OAuth
---

Do we actually have anything to say there with regards to gaps and/or recommendations? If not, I'll take that section out entirely.

We do have a guest on our call next week, so we won't have a whole lot of time to devote to going over the draft. Please take a few minutes to read it over and send me your comments so we can focus our time next week on Don Thibeau and his thoughts on the attribute space.

Thanks!
-Heather
Hi again..

On Friday 10th I gave you this snippet...

<<Protocols
How do you move attributes around? (is there any more to the question of protocols other than the SAML and OAuth work?)
CW: Web Services of course. They either move via the front channel (browser for example), or the back channel (WS* stack) (ed: over SOAP) and I guess in some special cases point to point with a secured VPN channel (governments and larger enterprises often have these)>>

So that is 3 efforts now..4 actually, because you can do it with digital certificates in a PKI.

And I gave you the front channel, back channel and 'point to point' VPN text..

We can say that front channel offers more security challenges, but has greater reach because mobile devices are capable of managing it.

Our guest next week might help us with your questions as this is 'his bag' :-).

As far as I know, no new protocols are proposed, so the 'gaps' as such are limited to profiling the existing protocols for use as attribute carriers. If there is a gap at all, I would say it is around the (untested?) security of the new protocols, and that the current suite of security techniques and the protocols themselves are still too heavyweight for the mobile device market. But we are skating onto the edge of the scope now...

Could someone who is understanding (technically) where I am going here, maybe help Heather put my random musings together into a coherent paragraph?

Cheers
Colin

-----Original Message-----
From: dg-am-bounces@kantarainitiative.org [mailto:dg-am-bounces@kantarainitiative.org] On Behalf Of Heather Flanagan
Sent: Wednesday, 22 February 2012 3:19 p.m.
To: dg-am@kantarainitiative.org
Subject: [DG-AM] v1.1 of the draft report
Hi Colin,

----- Original Message -----
From: "Colin Wallis" <Colin.Wallis@dia.govt.nz>
To: dg-am@kantarainitiative.org
Sent: Tuesday, February 21, 2012 8:57:43 PM
Subject: Re: [DG-AM] v1.1 of the draft report
Hi again..
On Friday 10th I gave you this snippet...
Ooops, that's right. Sorry I missed that!
<<Protocols How do you move attributes around? (is there any more to the question of protocols other than the SAML and OAuth work?) CW: Web Services of course. They either move via the front channel (browser for example), or the back channel (WS* stack) (ed: over SOAP) and I guess in some special cases point to point with a secured VPN channel (governments and larger enterprises often have these)>>
So that is 3 efforts now..4 actually, because you can do it with digital certificates in a PKI.
And I gave you the front channel, back channel and 'point to point' VPN text..
We can say that front channel offers more security challenges, but has greater reach because mobile devices are capable of managing it.
Our guest next week might help us with your questions as this is 'his bag' :-).
As far as I know, no new protocols are proposed, so the 'gaps' as such are limited to profiling the existing protocols for use as attribute carriers. If there is a gap at all, I would say it is around the (untested?) security of the new protocols, and that the current suite of security techniques and the protocols themselves are still too heavyweight for the mobile device market. But we are skating onto the edge of the scope now...
So text along the lines of:

The protocol space around attributes is comparatively stable. What is missing, however, is better guidance on how exactly to use those protocols to carry attributes and their associated metadata in a secure and interoperable fashion. In particular, how to use these protocols in the mobile device market, where the large data streams don't work in a mobile profile.

Would that work?

-Heather
<<So text along the lines of: The protocol space around attributes is comparatively stable. What is missing, however, is better guidance on how exactly to use those protocols to carry attributes and their associated metadata in a secure and interoperable fashion. In particular, how to use these protocols in the mobile device market, where the large data streams don't work in a mobile profile. Would that work?>>

Perfect! Thanks

-----Original Message-----
From: dg-am-bounces@kantarainitiative.org [mailto:dg-am-bounces@kantarainitiative.org] On Behalf Of Heather Flanagan
Sent: Sunday, 26 February 2012 9:58 a.m.
To: Colin Wallis
Cc: dg-am@kantarainitiative.org
Subject: Re: [DG-AM] v1.1 of the draft report
participants (2)
- Colin Wallis
- Heather Flanagan