[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: SAML attributes for Kerberos
> Scott's proposal sounds very practical if it is reasonable for the > parties to obtain the key in the way he suggests. Alternatively, use > HTTP Negotiate and the K5 mechanism at the transport layer during the > SP's request to the IdP in order to establish the key? One issue with that would be the requirement for the SP to have a Kerberos identity that it could use against the IdP. I don't think just shipping the service ticket + key to the SP strictly requires that the SP itself have an independent identity in Kerberos. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]