saml-dev message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: RE: [saml-dev] Consent in the RequestAbstractType.
- From: "Giuseppe Sarno" <gsarno@nortel.com>
- To: "Cahill, Conor P" <conor.p.cahill@intel.com>, <saml-dev@lists.oasis-open.org>
- Date: Tue, 19 Sep 2006 15:55:42 +0100
Title: Consent in the RequestAbstractType.
So for example
the SP could provide a portal/form where the user has to
explicitly to tick a box before the SP can initiate an AuthRequest with an
IDP.
Looking at the identifiers,
I guess implicit is the case when there is not a tick box
but may be a Warning message for example, but I don't quite understand the
difference between explicit and obtained, aren't they the same
?
Also I guess from a SAML point of view (a part the fact
that a Request SHOULD be Signed in case there is a consent attribute) the
behavior at the IDP is out of scope.
It is a flag to indicate that the Requestor is
actively asserting that they have obainted the consent of the user to make
this request.
The use case is primarily around privacy and potential
ramifications on an Requestor who performs such an operation without having
collected consent (their argument about "not knowing they needed consent" has
less strength when they have a flag this flag set).
Conor
Hi,
Can anyone
please help me understanding the attribute "Consent" in an abstractRequest ?
Are there any use cases ?
Thanks.
Giuseppe.
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]