[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] [Fwd: Re: OpenID Mobile Profile?]
thanks scott, below Scott Cantor wrote: I believe the concern is the possible absence of javascript for auto-submit, implying a user clickPaul Madsen wrote on 2009-02-03:FYI, the OpenID folks are contemplating an artifact mechanism to deal with mobile client limitationsI can't recall the last time I ran into a phone browser that didn't handle POST fine, at least on a device anybody would actually use to access the web. yes, I agree. But, with our binding it is the IDP that sends the artifactresolve message to the SP , and I think thats what Nat is trying to avoid have happen.The difference between this flow and the SAML artifact binding is that in case of SAML, the artifact/ticket is created by the RP and OP goes and fetch the request from RP.I don't think they understand that the binding goes either way... -- Scott --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. Follow this link to all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]