[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] when in doubt, read the spec...
> > ...the confusing comes in for most people because the > presentation of > > this token in an SSO type profile usually results in the > bypass of an > > authentication step at the relying party... > > all due respect, but isn't "the bypass of an authentication step" > the whole purpose of SSO by definition? surely, that's what > the "single" refers to in "SSO". no? Yes that is the case. That is also why people consider this an "authentication". I personally don't, I'm just trying to explain why some do. > > ...because you are presenting some form of credential to > an entity... > > i hate to be pedantic, but does the saml spec refer to an > assertion as a credential? my understanding is that an > assertion is a "claim" or "statement". i take my > understanding of what an assertion is (and what it is not) > from the spec. for instance: I don't think you hate it all that much :-). My use of the term "credential" is not out of the SAML spec, but just plain english. That is, IMHO (not that many people believe I can be H), a good description of what the SAML token is in such a sequence. Conor
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]