[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] FW: Help with what standards support these WebServices calls?
> As someone else noted, WS-Trust could also be used for steps 1 & 2. The > main advantage in using WS-Trust vs.. SAML Authn Req is that WS-Trust has a > mechanism for conveying a key back to the requestor (corresponding to the > key in the Token) which can then be used for message protection and to bind > the SAML Assertion to the message contents, assuming Agency 1 & Agency 2 > have the necessary cryptographic capabilities. With SAML Authn Req, Holder > of Key Subject confirmation cannot be used unless some other means of key > distribution is provided. Anything you can do with WS-Trust, you can do with SAML. I'd go so far as to say the interoperability is about as likely too (if not higher). In this specific case, using an attribute is a trivial way to communicate a key back. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]