[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: SAML configuration/interoperability woes
I don't think plug-and-play is a requirement for SAML. I think our requirement is run-time interoperability, but not setup/configuration. Certainly we want to make configuration easy as possible, but negotiation of configuration parameters leads us to the bootstrap problem. We can be successful with SAML 1.0 by ensuring run-time interop, IMHO Dave > -----Original Message----- > From: Anders Rundgren [mailto:anders.rundgren@telia.com] > Sent: Wednesday, July 11, 2001 4:42 AM > To: OASIS SAML; Mishra, Prateek > Subject: SAML configuration/interoperability woes > > > Continuing from Browser Artifact question > > When I look on the F2F-binding paper, paragraph 3.1.2 I get some > feelings that this is not designed for plug-and-play. Specifics: > > - The sample PartnerID is supposed to be communicated out-of-band > - There is no place to store the assertion "pull" URL > - Are the type-code to be registered? > > Artifacts introduce new problems that IMHO have not yet gotten > suitable generic solutions. > > Minor detail: B64 encoding means Base64? If so I would add > that this in turn must be URL-encoded as well to not get problems > with "=". > > rgds > Anders R > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC