[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Authentication Token
As discussed at yesterdays phone conference: a) In in discuss the JP Morgan/RSA system the requirement to add the capability to carry an authentication token (one time password, SAML assertion ...) in a DSS has been identified b) A similar requirement has been identified in EPM Previously, it had been decided that such a capability was not necessary as such authentication information could be carried in the underlying binding. Although there were views that such a feature would be useful, at the time the case was not strong enough for putting this in the core. Given that there are two profiles where this need has come up again, I would suggest that we need to revisit whether such an element should be added to the core. The element to carry such an authentication token could be either a new optional input, or an extension to ClaimedId. I would prefer an extension to the ClaimedId element as the authentication is logically associated with the Id. Views? Nick PS: Whilst looking at this I note that the saml:NameIdentifierType that we use has been replaced in the new SAML assertion syntax by "NameIDType". Do we want to follow them, stay referring to an old syntax, or split off from SAML?
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]