OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [security-services] Another attempt at AllowCreate cleanup

Polar Humenn wrote:
> 
> "A Boolean value of _false_ prevents the identity provider from creating a
> new identifier (or associating an existing identifier) representing the
> principal (Q:which principal???) with the relying party."

This actually bears some resemblance to the original text in the 
released spec, but I think it's better, thanks.

The trick is that it's up to the IdP to determine whether what it's 
doing qualifies, and this is the source of all the squishiness.

> Disclaimer: I'm coming at this on a casual read during my lunch, without
> much knowledge of what you are talking about. :)

Long, long, long story.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]