per-entity - RE: [Per-Entity] implementing a cache on the client
Subject: Per-Entity Metadata Working Group
List archive
- From: "Cantor, Scott" <>
- To: Tom Scavo <>
- Cc: Jorj Bauer <>, Nick Roy <>, "" <>
- Subject: RE: [Per-Entity] implementing a cache on the client
- Date: Thu, 28 Jul 2016 16:02:36 +0000
- Accept-language: en-US
- Authentication-results: spf=pass (sender IP is 164.107.81.214) smtp.mailfrom=osu.edu; incommon.org; dkim=none (message not signed) header.d=none;incommon.org; dmarc=bestguesspass action=none header.from=osu.edu;
- Spamdiagnosticmetadata: NSPM
- Spamdiagnosticoutput: 1:99
> If the goal is to get our arms around the larger group of clients
> (Shibboleth, SSP, AD FS, Ping), then we also need to reconsider our
> overall security model. TLS on the MDQ server can not be avoided if we
> truly want to be all-encompassing.
If you want to put TLS on it, that's fine. It won't affect my software. If
you're suggesting that the trust anchor of all anchors be online in a web
server, that I definitely can't get behind. If people want to trust that key,
I'm not going to stop them, but there needs to be a signature. You can't move
this metadata around if there's not.
-- Scott
- Re: [Per-Entity] implementing a cache on the client, (continued)
- Re: [Per-Entity] implementing a cache on the client, Nick Roy, 07/27/2016
- Re: [Per-Entity] implementing a cache on the client, Tom Mitchell, 07/27/2016
- Re: [Per-Entity] implementing a cache on the client, Cantor, Scott, 07/27/2016
- Re: [Per-Entity] implementing a cache on the client, Ian Young, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, Cantor, Scott, 07/27/2016
- Re: [Per-Entity] implementing a cache on the client, Jorj Bauer, 07/27/2016
- Re: [Per-Entity] implementing a cache on the client, Nick Roy, 07/27/2016
- Re: [Per-Entity] implementing a cache on the client, Jorj Bauer, 07/27/2016
- Re: [Per-Entity] implementing a cache on the client, Cantor, Scott, 07/27/2016
- Re: [Per-Entity] implementing a cache on the client, Tom Scavo, 07/28/2016
- RE: [Per-Entity] implementing a cache on the client, Cantor, Scott, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, Tom Scavo, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, Tom Mitchell, 07/28/2016
- RE: [Per-Entity] implementing a cache on the client, Cantor, Scott, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, Tom Scavo, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, David Walker, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, Tom Scavo, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, David Walker, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, Tom Scavo, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, Nick Roy, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, Cantor, Scott, 07/28/2016
Archive powered by MHonArc 2.6.19.