MHonArc v2.5.0b2 -->
emergency message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: RE: [emergency] Identity and Authority ( was RE: CAP Visualization...)
>>We won't be duplicating work if our reasons for not specifying this
>>was to allow time for these other specs to "bake" to the point where
>>we can recommend them in general practice terms and perhaps specify
>>them for particular application areas, such as using XACML for access
>>control, SAML for general security and WSS for more specific web
>>services security, along with the emerging federated certification
>>authority for authentication of user identity. Then we have choices
>>to make with regard to PKI and XML signature that we can recommend
>>for electronic signing needs.
>>These specs have gotten to the point where these choices need to be
>>made and a lot more experience gathered.
Rex,
You've captured much of my own perspective regarding the practical
implementation of these Identity and Authority technologies in relation to
CAP. The bottom line is that we cannot implement CAP without addressing the
implementation realities faced on the front line. Dealing with these issues
directly in the context of the implementation guide will help associate CAP
more readily in terms of solutions. There is a difference between a
"protocol" and a solution. Providing examples of end-to-end implementation
solutions is invaluable to the community of potential implementers who face
the realities of architecture, technology and policy constraints in the
context of their respective organizations. Implementation is where the
rubber meets the road and invariably will assist with creating the momentum
needed to drive uptake. As you so aptly used the phrase "these choices need
to be made and a lot more experience gathered". As implementers we are all
facing similar if not related challenges.
Kwasi