[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Thematic Profiles
Okay, so here is my first pass of identifying "themes" and what might go into them. Authentication: SSO, ECP, IdP Discovery, SP Request Init, intro to AuthnContext Delegated Authn: mostly just exposition on how to do this, delegation restriction extension Attributes: Attribute query (maybe include a "ReST"-based mech), Basic Attribute Profile (other attribute profiles should be split out as separate docs) Session Management: Logout, Async Logout, Hal's Session Token Profile? Artifact: Artifact query, maybe include a "ReST"-based mech Account Management: NameID management, NameID mapping, Account Linking (just exposition on how to do this with the protocol) Assertion Query (this probably should just go away but I assume we have to keep it around for compatibility) As I think about this more, I like the way this could work out. I think these documents should probably cover the following: - Non-normative: context/use-case we're trying to address. Try to be very clear about what this does and doesn't do. - Normative: Specification of elements, message processing, and use of metadata - Non-normative: implementation notes/consideration/recommendations Now, one question I have about this theme list, is whether "Authentication" is too broad. Should we break it down into Browser-based SSO and Non-browser? At their core, these aren't that different but conceptually they are pretty different and I think the implementation notes, in particular, are probably quite different. So, to me, it feels like these should be separate docs. Thoughts, questions, comments? Chad La Joie | Dev Manager, Identity Management m: 734.531.9087 | e: chad.lajoie@covisint.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]