[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] Question on SAML V2.0 Identity AssuranceProfiles ,Version 1.0
On 7/15/11 1:40 PM, "David Chadwick" <d.w.chadwick@kent.ac.uk> wrote: > >We have built a system which requires the LOA to be split into two >components, the registration LOA and the authentication/login LOA. > >I's like to know if you have envisaged your CD to be used to represent >this. No, it's explicitly not allowable because the binding here is to AuthenticationContext classes, which are singular in assertions without getting into some edge cases. >So could I for example send this in the IDP's metadata No, because that's illegal syntactically. You can have multiple values, but they're in parallel, not linked. >Similarly we want to be able to send this dynamically in a SAML >assertion. I presume it would be admissable there as well? No. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]