PAPI Archivos

The PAPI authentication and authorization framework


Opciones: Vista Clásica

Use Monospaced Font
Por defecto enseñar Text Part
Esconda cabeceras de correo

Tema: [<< Primero] [< Prev] [Siguiente >] [Último >>]

Print Responder
Received: from ( []) by (8.12.1/8.9.1) with SMTP id g8GI8rVP002576 for <[log in para visualizar]>; Mon, 16 Sep 2002 20:08:57 +0200 (CEST) (qmail 2465 invoked by alias); 16 Sep 2002 18:08:53 -0000 (qmail 2459 invoked from network); 16 Sep 2002 18:08:52 -0000 from unknown (HELO ( by with SMTP; 16 Sep 2002 18:08:52 -0000
Content-Type: text/plain; charset=koi8-r
Date: Mon, 16 Sep 2002 19:07:40 +0100
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Emisor: Sassa <[log in para visualizar]>
Parts/Attachments: text/plain (23 lines)

We are working on authorisation API in European project PERMIS. We need
to know a bit more about your software and its architecture.

Currently the questions are:

1. How do you secure the communication to the Authentication Server
2. How do you secure the communication to the Point of Access.
3. How do you enforce that the links are requested through your PoA
only? What stops the user from accessing the desired web-site directly?

"The PAPI system: Point of Access to Providers of Information" does not
say anything on whether the communication is trusted or not.


Alexander Otenko

Research Assistant
Salford University