Tom Scavo wrote:
On Wed, Jul 23, 2008 at 6:32 PM, Thierry Moreau
<[EMAIL PROTECTED]> wrote:
The document I published on my web site today is focused on fielding
certificateless public operations with the TLS protocol which does not
support client public keys without certificates - hence the meaningless
security certificate.
As such, your document is directly applicable to a proposed standard
that is now winding its way through the OASIS process:
http://wiki.oasis-open.org/security/SamlHoKWebSSOProfile
The proponents of this variant of SAML Web Browser SSO have no
interest in an online database of public keys, but your profile is
relevant nonetheless, for its interoperability aspects.
Thanks, I will look into this.
You mentioned earlier that this may become an IETF RFC. Do I take
this to mean that your company holds no patent, copyright, trademark
or license rights that would prevent us from relying on your profile?
Neither patent nor patent application for the matter contained in the
referenced document.
--
- Thierry Moreau
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
