[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] proposed SAML artifact definition
ok, popping the veritable stack here... thanks for all the comments on the
defn for "saml artifact".
ScottC mused:
> One might argue we should have just changed the name of the thing. ;-)
agreed ;) But even if we named it differently, I don't think the definition
would be any smaller.
anyway, here's the re-worked defn per comments. I added context-of-use and
rationale information for hopefully obvious reasons...
SAML artifact
A small, fixed-size, structured data object pointing to a
typically larger, variably-sized SAML
protocol message. SAML artifacts are designed to be
embedded in URLs and conveyed in HTTP messages, such as HTTP
response messages with "3xx Redirection" status codes, and
subsequent HTTP GET messages. In this way, a service provider
may indirectly, via a user agent, convey a SAML artifact to
another provider, who may subsequently dereference the SAML
artifact via a direct interaction with the supplying provider,
and obtain the SAML protocol message. Various characteristics
of the HTTP protocol and user agent implementations provided
the impetus for concocting this approach. The HTTP
Artifact binding section of [SAMLBind] defines both the
SAML Artifact format and the SAML HTTP protocol binding
incorporating it.
JeffH
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]