----- Original Message -----
From: "Sanjiva Weerawarana" <[EMAIL PROTECTED]>
To: "Jaliya Ekanayake" <[EMAIL PROTECTED]>
Cc: "Chamikara Jayalath" <[EMAIL PROTECTED]>; "Matthew Lovett"
<[EMAIL PROTECTED]>; <[email protected]>
Sent: Thursday, July 27, 2006 11:07 PM
Subject: Re: RM+Security
On Thu, 2006-07-27 at 14:47 -0400, Jaliya Ekanayake wrote:
Hi Matt and Chamikara,
IMHO; better to use Rampart to understand the RM messages and handle
the security token management accordingly as Chamikara have mentioned.
We don't necessarily need for Rampart (or another security provider; I
think that's the need that Matt's trying to address) to understand the
RM messages. Instead if we properly abstract the security function we
should be able to push understanding the tokens to the security provider
and have Sandesha dumbly call the security guy and ask something like
"is this cool with you" and get a simple yes/no answer.
I think this won't solve the problem completely. The reason is that Secure
Conversation needs to exchange tokens more frequently than RM sequences. May
be there are multiple security token exchanges for one RM Sequence. So the
Rampart needs to know which sequence it is dealing with.
Thanks,
-Jaliya
I agree with Chamikara that having Sandesha understand and compare
security tokens is not a good split.
Sanjiva.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
