[mdx] what to trust

Josh Howlett Josh.Howlett at ja.net
Fri May 8 02:37:47 PDT 2009


> > So what you say is that the only way to encode trust in metadata 
> > *internal* to a metadata aggregator is signatures.
> > That might be true... I need to think about that.
> 
> I think there's another way:
> 
> http://www.oasis-open.org/committees/download.php/31109/sstc-metadata-attr-cd-01.html
> 
> You could include an assertion in the EntityDescriptor which 
> acted as a trust decoration.
> 
> My earliest thought was that an authentication assertion 
> might be the most appropriate vehicle for this, ...

Let me expand on that. I think it's appropriate /if/ you consider entity
registration as equivalent to principal authentication. I've not
considered the appropriateness of this in any depth; but it struck me
that some of the AuthnStatement semantics might be useful; for example,
AuthnContext for expressing the Registration Practice associated with
the entity.

josh.

JANET(UK) is a trading name of The JNT Association, a company limited
by guarantee which is registered in England under No. 2881024 
and whose Registered Office is at Lumen House, Library Avenue,
Harwell Science and Innovation Campus, Didcot, Oxfordshire. OX11 0SG
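
A sketch of the idea discussed in this message, added as an example and not part of the original post or of any SAML implementation: an EntityDescriptor carrying an assertion inside the `mdattr:EntityAttributes` extension, with the registration practice expressed through AuthnContext, and the checks a consumer would make before relying on it. The entity, registrar and practice URIs and the `trust_decorations` helper are hypothetical; signature verification itself is not implemented here.

```python
import xml.etree.ElementTree as ET  # use a hardened parser (e.g. defusedxml) for untrusted metadata

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "mdattr": "urn:oasis:names:tc:SAML:metadata:attribute",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample; entity, registrar and practice URI are hypothetical.
SAMPLE = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    entityID="https://sp.example.org/sp">
 <md:Extensions><mdattr:EntityAttributes>
  <saml:Assertion ID="_a1" Version="2.0" IssueInstant="2009-05-08T09:00:00Z">
   <saml:Issuer>https://registrar.example.net</saml:Issuer>
   <saml:Subject><saml:NameID>https://sp.example.org/sp</saml:NameID></saml:Subject>
   <saml:AuthnStatement AuthnInstant="2009-05-01T12:00:00Z"><saml:AuthnContext>
    <saml:AuthnContextClassRef>https://registrar.example.net/practice/v1</saml:AuthnContextClassRef>
   </saml:AuthnContext></saml:AuthnStatement>
  </saml:Assertion>
 </mdattr:EntityAttributes></md:Extensions>
</md:EntityDescriptor>"""


def trust_decorations(xml_text, trusted_issuers):
    """Extract embedded assertions and list why each may not be relied on."""
    root = ET.fromstring(xml_text)
    entity_id = root.get("entityID")
    found = []
    for a in root.findall("md:Extensions/mdattr:EntityAttributes/saml:Assertion", NS):
        text = lambda path: (a.findtext(path, default="", namespaces=NS) or "").strip()
        issuer = text("saml:Issuer")
        problems = []
        if issuer not in trusted_issuers:
            problems.append("untrusted issuer")
        if text("saml:Subject/saml:NameID") != entity_id:
            problems.append("subject mismatch")  # decoration copied from another entity
        if a.find("ds:Signature", NS) is None:
            problems.append("unsigned")  # anyone editing the aggregate could have added it
        else:
            problems.append("signature not verified")  # verify with an XML-DSig library
        found.append({"entity": entity_id, "issuer": issuer, "problems": problems,
                      "registration_practice": text(
                          "saml:AuthnStatement/saml:AuthnContext/saml:AuthnContextClassRef")})
    return found


if __name__ == "__main__":
    for d in trust_decorations(SAMPLE, {"https://registrar.example.net"}):
        print(d)
```

The constructed sample is deliberately unsigned, so it is reported with the problem `unsigned`: the decoration only carries trust once the assertion's signature verifies against a key the consumer already trusts for that issuer.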



