saml-dev message


Subject: Attribute Federation and NameIDPolicy:Format


Hi @ all,

I’m thinking about the Attribute Federation scenario as described in “SAML V2.0 Technical Overview”. It is stated in Step 4 of this scenario that the NameID provided by the IdP may be an arbitrary value. I’ve got a little question about this:

The source-site-first use-case is not mentioned but seems nevertheless possible. In this case, should the SP set the NameIDPolicy:Format Attribute in its AuthnRequest to "urn:...:transient" or "urn:...:unspecified" or something agreed upon between IdP and SP or leave it blank to instruct the IdP to create an “arbitrary value”?

By the way, the steps for the different federation cases as described in the “SAML V2.0 Technical Overview” aren’t normative because they don’t belong to the spec-set. Why aren’t they explicitly profiled in the SAML 2.0 Profiles Spec including more details?

Thanks in advance and also for recent help ;)

Lars


