[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Untrusted Service Provider Profile
> The OpenID model is thought to be flawed, as shown in this blog entry: That flaw is orthogonal to the question of trusted SPs, and affects SAML (browser SSO) just as much as OpenID. > So I guess it depends on how you propose to do IdP Discovery. How > does the untrusted SP know the principal's preferred IdP? Again, seems entirely orthogonal. Discovery is equally hopeless in all browser based approaches and the simple OpenID mechanism of just telling it the damn IdP seems a heck of a lot simpler than most of the SAML kluges, including the one I submitted sadly. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]