[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] Proposed Enhancement for Dynamic Attribute Queries
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 03/28/2012 01:23 AM, David Chadwick wrote: > Hi Leif > Hi David, long time no talk :-) <snip> > >> So why is the feature in the attribute request message? And has >> been there from v1 of SAML? Because people don't care enough to deprecate features just because they aren't used much? > >> If you have a model of an all attribute providing IDP, and an SP >> that offers multiple services with different authz requirements, >> then you need a feature such as this No. You need a feature like this if you need to support _dynamic_ authz requirements. Supporting authz at all is sufficiently difficult for SPs. Cheers -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk9yvAwACgkQ8Jx8FtbMZnfyOgCgw40n92l9xH7brViPSODIDaBB g3QAoIG/GtcrGSW7Hw9TcciEzA4aWfOH =J+2t -----END PGP SIGNATURE-----
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]