[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] SAML, trust and WS.
Hi, It seems I kicked off some great discussion on this, and it also looks like there are a lot of people interested in this, for my sake I would like to re-cap this and see if I got it right. SAML provides capability for SSO and Delegation (via specific elements in the assertion). SAML DOESN'T provide the capability (in a standard way - through profiles) for a SP to query or ask for one Assertion or the other. (The only assertion currently supported in the profiles is the SSO one.) The important bit which I'm not too sure about is the following: the only difference between the two assertions is really the Subject confirmation bit (in the delegation case we need a holder of key or sender vouches). And the difference at the profile level is the capability to specify the assertion required. This might be too simplistic but, is this correct ? what are other things missing ? Thanks. Giuseppe.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]