security-services message

Subject: Re: [security-services] Groups - sstc-saml-holder-of-key-browser-sso-draft-03.odt (sstc-saml-holder-of-key-browser-sso-draft-03.odt) uploaded

From: "Tom Scavo" <trscavo@gmail.com>
To: "Scott Cantor" <cantor.2@osu.edu>
Date: Tue, 1 Jul 2008 21:07:40 -0400

On Tue, Jul 1, 2008 at 3:40 PM, Scott Cantor <cantor.2@osu.edu> wrote:
>
> My argument is the same as it was originally. I don't think it serves either
> use case to attempt one profile that addresses SSO with a browser and
> stand-alone clients. They share commonality and they also have significant
> differences. I would leave it to implementations to decide how to overlap
> them.

As far as I can tell, a profile for a stand-alone client (which
doesn't exist of course) would be a strict subset of the
holder-of-key-browser-sso profile.  Moreover, the IdP-first subcase of
browser SSO is *very* close to the stand-alone client scenario.  Thus
I don't see much point in having two separate profiles.

Tom

Follow-Ups:
- RE: [security-services] Groups - sstc-saml-holder-of-key-browser-sso-draft-03.odt (sstc-saml-holder-of-key-browser-sso-draft-03.odt) uploaded
  - From: "Scott Cantor" <cantor.2@osu.edu>

References:
- Re: [security-services] Groups - sstc-saml-holder-of-key-browser-sso-draft-03.odt (sstc-saml-holder-of-key-browser-sso-draft-03.odt) uploaded
  - From: "Tom Scavo" <trscavo@gmail.com>