OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: RE: [saml-dev] Introduction & Question about the "heaviness" of SAML

> I would advise getting more involved with one of those 
> scenarios than trying to do your own. The last thing the 
> world needs is another SSO option since one of the things 
> preventing more wide-spread adoption is that there's too many 
> non-interopable options now.


I've been a developer of proprietary SSO. I know why people build them,
and it usually has nothing to do with technology.

I'm not sure I buy the "bloat" argument. There's very little in SAML
that's about SSO, frankly. That piece is not that big, and it's at least
as simple to implement as any other system I've seen or built, with the
exception that it's in XML. That may be the real issue for your
colleague, perhaps.

At the very least, I would echo Mark and suggest that if he's set on a
proprietary SSO that doesn't really offer additional security (i.e.
doesn't use a plugin or modified browser or client certs), look at I2's
WebISO code built around pubcookie. Let's at least encourage as few
solutions as possible.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC