[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [saml-dev] Question about ConfirmationMethod in SSO
Possibly conditions is what my co-developer is afraid of. I don't see why, since I too think that having the expiration data in the assertion is a good thing. But I think he might mean something else. I'm getting details from him. In the mean time, I have a question of my own from reading the assertion spec. In what instances are the <ConfirmationMethod> and <SubjectConfirmationData> used? It would seem to me that it would not be usable in a SSO environment, since the entire purpose of SSO is to *not* pass that sort of information along. I'm assuming that because of this, SAML can also be used as a local authentication protocol as well? A spec I could use to log into a service with username and password? Scott Cantor wrote: >>Is the ability to store information in the assertion that allows the >>recipient to verify the validity of the assertion without a network >>connection, such as after the network connection is dropped, >>mandatory? > > > Like what? Conditions? > > I'm not sure I'd want to have to query back to some datastore using a > key or ID just to find out that the assertion had expired... > > -- Scott >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC