[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] Another attempt at AllowCreate cleanup
Polar Humenn wrote: > > "A Boolean value of _false_ prevents the identity provider from creating a > new identifier (or associating an existing identifier) representing the > principal (Q:which principal???) with the relying party." This actually bears some resemblance to the original text in the released spec, but I think it's better, thanks. The trick is that it's up to the IdP to determine whether what it's doing qualifies, and this is the source of all the squishiness. > Disclaimer: I'm coming at this on a casual read during my lunch, without > much knowledge of what you are talking about. :) Long, long, long story. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]