OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [saml-dev] saml:Attribute vs. md:RequestedAttribute

> Hmm, your question suggests I don't understand how
> <md:RequestedAttribute> is used.  If an SP makes an "empty query"
> (i.e., no <saml:Attribute> elements), does the IdP "fall back" on the
> <md:RequestedAttribute> elements in metadata?

It MAY (with some limits on usefulness), or the arrangement can be OOB (e.g.
Shibboleth today).

In SSO, the user's present, so it might have more use. And you have the
multiple levels of service notion. In queries, it's probably irrelevant in
most cases, other than provisioning policy ahead of time. That was the other
use case for the metadata, driving a policy GUI.

Seems to be a DOA idea, since SPs don't seem willing to document themselves
and federations don't seem willing to collect it.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]