OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: RE: [saml-dev] Question about artifact & Destination site pairs.

It is assumed that a Source Site will require a Destination site to authenticate in some way. Therefore it will know the identity of the Destination Site. This identity is what should be associated with the artifact value.
 
Mutual Authentication via SSL is being used in the Catalyst Demo. Checking the IP address is a very weak form of authentication.
 
Hal
-----Original Message-----
From: Ignasi Ripoll [mailto:ignasi@wanadoo.es]
Sent: Saturday, July 06, 2002 11:10 PM
To: saml-dev@lists.oasis-open.org
Subject: [saml-dev] Question about artifact & Destination site pairs.

Question about the following paragraf, cs-sstc-bindings-01:
 
521     The source site MUST return a response with no assertions if it receives a <samlp:Request> message
522     from an authenticated destination site X containing an artifact issued by the source site to some other
523     destination site Y, where X <>Y. One way to implement this feature is to have source sites maintain a list
524     of artifact and destination site pairs.
 

What information Source Site maintain  about Destination Site??
 
I'm maintaining a list of <artifact, IP of Destination site>
 
This's correct??

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC