[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] Inclusion of Federated Name Registration Protocolin SAML 2.0
ext Mishra, Prateek wrote: > Could this not be accomplished by the IdP (optionally) returning a "fresh" > federation identifier as part of the AuthNResponse? That is a modest > extension to an existing protocol vs. the introduction of a whole new > request-response pair. 1) You'd need to carry two NameIDs in the AuthnResponse. 2) The IdP might have to send an "unsolicited" AuthnResponse in order to initiate this change. Would that be an overloading of the AuthnRequest/Response? - JOhnK
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]