Hi All, This message is intended to start the discussion on the WSRF-BP Tracker Item #1323 (and hopefully to close it). TI#1323 Summary: Communication of assertions Description: Profiles for common assertions in headers or Proxy Certificate I'd like to propose to add the following to the WSRF Basic Profile 1.0 ---- 8.1.x or 8.x Communications of assertions Senders MAY send assertions that can be used for policy decisions including access control decision by receivers with SOAP messages. The assertions MUST be SAML assertions or X509 attribute certificates and senders and receivers MUST adhere to the Basic SEcurity Profile or SAML Token Profile Version 1.0 when sending assertions. R08xx When communicating SAML assertions, a SENDER and a RECEIVER MUST comply with SAML Token Profile Version 1.0 R08xx When communicating X509 attribute certificates, a SENDER and a RECEIVERMUST comply with the Basec Security Profile Version 1.0 Section 5. ---- Here is some background on my proposal. I think's it is better not to use proxy certificate as a mean for communication of assertions, because there is no standardized way of embedding assertions in X509 certificates as certificate extentions, thus, developing such a standard would be too costly. ---- Takuya Mori