On 2/12/09 1:16 PM, "Hannes Tschofenig" <Hannes.Tschofenig@xxxxxxx> wrote: > The main issue I have been struggeling with these authorization extensions > inside TLS is that they happen at the wrong layer. I don't know about that - I think it really depends on how the TLS session is being used, etc. I think that the more ability traffic has to describe itself the better, and that there are some non-trivial advantages to carrying authorizations in-band. Melinda _______________________________________________ Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf