OASIS Mailing List Archives

ebxml-regrep message



Subject: RE: Security Discussion: Changed Agenda: Teleconference : 12/21/2000 12:30-4pm CDT : RIM discussion follow-up


Zahid,

	I am ambivalent about supporting UN/PW in the registry (for a change ;-)).

> -----Original Message-----
> From: Ahmed, Zahid [mailto:zahid.ahmed@commerceone.com]

<snip ../>

>  Password based auth is so basic that not having
> support is a problem particularly for light-weight
> registry clients that have access to HTTPS transport
> but no PKI and/or cert mgmnt capabilities.

Yep, agreed. And HTTPS would make the transport secure and would fit very
well with lightweight Registry. Good idea.

> as I pointed out before:
> 1) We can specify UserId/Pwd "credential/login" data
> using S2ML which allows us to encrypt the login
> elements;

If we encrypt the credentials, won't we get into the same problems as
before? Where would one get the keys without some kind of a PKI?

> 2) Having password based authentication features
> is very compatible with existing enterprises that
> want to re-use password databases (either in LDAP,
> in existing single-signon user database, or even
> a standard web server).
>

It will also help us in debugging, testing interoperability et al.

cheers


