List Home

All Archives

Dates

Threads

Authors

Subjects

saml-dev - RE: [saml-dev] Subject confirmation.

Message Thread: Previous | Next

From: "Scott Cantor" <cantor.2@osu.edu>
To: "'Giuseppe Sarno'" <gsarno@nortel.com>
Date: Thu, 10 Nov 2005 14:34:00 -0500

Send Email to saml-dev@lists.oasis-open.org:

Send new message

Reply to this message

> it will probably take sometime to digest this, but you gave 
> me some good thoughts and material to go through.
> It looks like this is an important feature in SAML.

It's an important feature, but also a very dangerous one. Using it amounts
to constructing a security protocol involving the assertion, and if you (not
meaning you specifically) don't think you're capable of doing that safely,
you're better off looking at other profiles like, say, Liberty WSF, for
using SAML to do advanced things.

-- Scott

By Date: Previous \| Next	Current Thread	By Thread: Previous \| Next
RE: [saml-dev] Subject confirmation., Giuseppe Sarno 10:10 GMT RE: [saml-dev] Subject confirmation., Conor P. Cahill 12:47 GMT <Possible follow-ups> RE: [saml-dev] Subject confirmation., Giuseppe Sarno 13:36 GMT RE: [saml-dev] Subject confirmation., Conor P. Cahill 14:04 GMT RE: [saml-dev] Subject confirmation., Giuseppe Sarno 14:19 GMT RE: [saml-dev] Subject confirmation., Scott Cantor (you are here)