OASIS Mailing List Archives
security-services message



Subject: RE: [security-services] Groups - sstc-saml-MetadataDiscoveryProtocols-2.0-draft-00.pdf uploaded






>The URL *is* the provider's identifier, directly. The Issuer of assertions
>from that provider might be "http://identityprovider.com/saml2", for example.
>You hit that URL, you get the metadata document.

>This isn't rocket science, or am I missing something?

So you have to get the URL out of band, and then go ask for the metadata? How do you know what metadata will be returned? How do you trust the metadata, is it signed?

How do I know how to talk to the metadata URL, that is, how do I know to use HTTP/S, WS-Security or other security protocols? How is the bootstrap solved?

I don't see that this specification solves anything except saying that you can use an out-of-band URL.

This isn't rocket science, or am I missing something?

Anthony Nadalin


