OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Subject: Re: [saml-dev] Introduction & Question about the "heaviness" of SAML


Hmm... OK, thanks all.

You mention that I should try and create a new SAML profile to do the 
type of thing that we want to do with Tickets. That is, merely specify a 
"key" that the SAML consumer uses to access information in the user's 
account with their SAML producer. The SAML profile could also contain 
information to help with using this key, such as the IP address of the 
user. Is this correct?

Scott Cantor wrote:
>>Your comments indicate that you are approaching SAML in terms 
>>of its broadest goals and philosophies. All of which is good 
>>and entirely appropriate
>>BUT you should also be aware that SAML also includes detailed 
>>solutions to specific problems such as single sign-on. 
> 
> 
> To follow this up, the broader point is that "SAML" doesn't solve a
> problem, "SAML Profiles" do. The SAML messages are just a framework for
> carrying certain types of data around in a security-technology-neutral
> way.
> 
> It would not be a "mistake" to invent a SAML profile to solve a new
> security problem. It would be (IMHO) more of a mistake to reinvent the
> formats and carry the same data around in XML with a different schema
> without a good reason.




[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Powered by eList eXpress LLC