OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [saml-dev] SubjectConfirmation in SAML query

On 2/11/07, Alistair Young <alistair@smo.uhi.ac.uk> wrote:
> > define an AuthnRequest Extension to allow
> > for
> > tunnelling Attributes to use as a query
> can you explain a bit more about this please? What do you mean by
> "tunnelling"?

A principal can use AttributeQuery to self-query for attributes.  See,
for example, section 4 of this deployment profile:

http://www.oasis-open.org/committees/download.php/21568/sstc-saml2-profiles-deploy-x509-draft-01.pdf

Scott is suggesting to use AuthnRequest instead of AttributeQuery,
since AuthnRequest is much richer.  All that's needed is an extension
so the requester can ask for a specific set of attributes.  Then
AuthnRequest will be able to do everything that AttributeQuery can do,
and much more.

Hope that helps,
Tom

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]