per-entity - Re: [Per-Entity] implementing a cache on the client
Subject: Per-Entity Metadata Working Group
List archive
- From: Tom Scavo <>
- To: "Cantor, Scott" <>
- Cc: Jorj Bauer <>, Nick Roy <>, "" <>
- Subject: Re: [Per-Entity] implementing a cache on the client
- Date: Thu, 28 Jul 2016 11:52:33 -0400
On Wed, Jul 27, 2016 at 5:51 PM, Cantor, Scott
<>
wrote:
> On 7/27/16, 5:33 PM,
> "
> on behalf of Jorj Bauer"
> <
> on behalf of
> >
> wrote:
>
>> - you've configured the endpoint to subvert TLS in some way (skip TLS
>> validation, or install custom root certificate that pretends to be what
>> it's not).
>
> The trust model here is not TLS, it's a signature plus a lot of other
> semantic detail around document expiration and limiting document validity,
> same as in the aggregate case.
If the goal is to get our arms around the larger group of clients
(Shibboleth, SSP, AD FS, Ping), then we also need to reconsider our
overall security model. TLS on the MDQ server can not be avoided if we
truly want to be all-encompassing.
Tom
- Re: [Per-Entity] implementing a cache on the client, (continued)
- Re: [Per-Entity] implementing a cache on the client, Cantor, Scott, 07/27/2016
- Re: [Per-Entity] implementing a cache on the client, Nick Roy, 07/27/2016
- Re: [Per-Entity] implementing a cache on the client, Tom Mitchell, 07/27/2016
- Re: [Per-Entity] implementing a cache on the client, Cantor, Scott, 07/27/2016
- Re: [Per-Entity] implementing a cache on the client, Ian Young, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, Cantor, Scott, 07/27/2016
- Re: [Per-Entity] implementing a cache on the client, Jorj Bauer, 07/27/2016
- Re: [Per-Entity] implementing a cache on the client, Nick Roy, 07/27/2016
- Re: [Per-Entity] implementing a cache on the client, Jorj Bauer, 07/27/2016
- Re: [Per-Entity] implementing a cache on the client, Cantor, Scott, 07/27/2016
- Re: [Per-Entity] implementing a cache on the client, Tom Scavo, 07/28/2016
- RE: [Per-Entity] implementing a cache on the client, Cantor, Scott, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, Tom Scavo, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, Tom Mitchell, 07/28/2016
- RE: [Per-Entity] implementing a cache on the client, Cantor, Scott, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, Tom Scavo, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, David Walker, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, Tom Scavo, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, David Walker, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, Tom Scavo, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, Nick Roy, 07/28/2016
Archive powered by MHonArc 2.6.19.