OASIS Mailing List Archives

security-services message



Subject: Re: [security-services] BPP vs BAP for SAML 1.1


Hi,

Wouldn't that sort of information typically belong in the implementation 
guidelines document? So, if one were writing an implementation that 
supported limited browsers, one would want to know that the artifact 
profile might be more suited for that purpose. That said, it might 
still be nice to explain what the profiles are in the overview at least.

BTW, there is a discussion of artifact vs BPP in a mobile environment as 
part of the Liberty ID-FF 1.2 Implementation Guidelines document, 
available on the public Liberty website.

Cheers,

- JohnK

ext Jahan Moreh wrote:

> John -
> I am sure you have already thought about this. But just in case, there are
> two salient pros/cons for BPP vs. BAP:
> 1. BAP has the advantage of being more compact on the Browser (i.e., only
> the artifact passes through the browser),
> 2. BPP has the advantage that it is "self-confirming" and does not require a
> (SOAP) connection from the assertion consumer to an assertion producer.
> 
> I personally think that (2) outweighs (1), but that's another matter.
> 
> Thanks,
> Jahan
> 
> ------
> Jahan Moreh
> Chief Security Architect
> 310.288.2141
> 
> -----Original Message-----
> From: John Hughes [mailto:john.hughes@entegrity.com]
> Sent: Tuesday, March 23, 2004 1:12 AM
> To: Security-Services
> Subject: [security-services] BPP vs BAP for SAML 1.1
> 
> 
> It's just crossed my mind that it might be good to have a small section in
> the SAML 1.1 Technical Overview on the pros/cons of using BAP vs BPP (and vice
> versa).  I can think of some - but welcome other input.
> 
> 
> John
> 
> 
> 
> 
> To unsubscribe from this mailing list (and be removed from the roster of the
> OASIS TC), go to
> http://www.oasis-open.org/apps/org/workgroup/security-services/members/leave_workgroup.php.