[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] saml:Attribute vs. md:RequestedAttribute
> Hmm, your question suggests I don't understand how > <md:RequestedAttribute> is used. If an SP makes an "empty query" > (i.e., no <saml:Attribute> elements), does the IdP "fall back" on the > <md:RequestedAttribute> elements in metadata? It MAY (with some limits on usefulness), or the arrangement can be OOB (e.g. Shibboleth today). In SSO, the user's present, so it might have more use. And you have the multiple levels of service notion. In queries, it's probably irrelevant in most cases, other than provisioning policy ahead of time. That was the other use case for the metadata, driving a policy GUI. Seems to be a DOA idea, since SPs don't seem willing to document themselves and federations don't seem willing to collect it. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]