[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] SAML 1.1 Technical Overview (11 May 2004)
> I would hope (at least in the pseudonomous federation world) that > the subject would not be the user's login name. Right, but his use case involves identity not pseudonymity. So does, in whatever imperfect form, the e-auth stuff from the feds, for now at least. > In that case I would ask them to put in their university name or > their domain and not their login name. But that's the security > weenie in me. I agree. But in general, having every application or service perform this function tends to be overkill, thus the WAYF concept has at least some advantages. But I think ultimately the solution lies in modifying the browser, and I believe that will happen. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]