saml-dev message


Subject: RE: [saml-dev] Seeking a high-level understanding of the Name Identifier Mapping Protocol

> Well, Entity A doesn't know anyone by this name, so Entity A 
> sends a NameIDMappingRequest to IdP, "Hey, what other names 
> does technowhiz@hotmail.com
> have?"  Here's how that is generally expressed in XML:

That's not the question that a NameIDMappingRequest asks. It's not "what
other names", it's "give me the name with these properties...".

> Question #1: does this scenario accurately capture the 
> purpose and mechanism of the Name Identifier Mapping Protocol?  

No. See above. It's mainly for cross-walking federated/persistent IDs across
namespaces. Usually the Format is just "persistent" and the SPNameQualifier
is the varying factor.

Liberty itself isn't even using it now. The need for batch requests and more
freedom in the representation led to a new Identity Mapping protocol in WSF

> Question #2: suppose the principal goes by more than two 
> names; how does IdP reply with all the names?

It doesn't, that's not the point of the protocol.

-- Scott
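
An added example, not part of the original message and not taken from any SAML implementation: a SAML 2.0 NameIDMappingRequest built in Python, in which a requester that holds one persistent identifier asks the IdP for the identifier with a given Format and SPNameQualifier. The entity IDs, identifier values and the in-memory IdP table are constructed for illustration, and the toy IdP returns a plain dict rather than a signed NameIDMappingResponse.

```python
import uuid
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
PERSISTENT = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
ET.register_namespace("samlp", SAMLP)
ET.register_namespace("saml", SAML)

def build_mapping_request(issuer, known_id, known_qualifier, target_qualifier):
    """Build a request for the identifier that has the target properties."""
    req = ET.Element(f"{{{SAMLP}}}NameIDMappingRequest", {
        "ID": "_" + uuid.uuid4().hex, "Version": "2.0",
        "IssueInstant": datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")})
    ET.SubElement(req, f"{{{SAML}}}Issuer").text = issuer
    # The identifier the requester already knows the principal by.
    ET.SubElement(req, f"{{{SAML}}}NameID", {
        "Format": PERSISTENT, "SPNameQualifier": known_qualifier}).text = known_id
    # The properties of the one identifier being asked for.
    ET.SubElement(req, f"{{{SAMLP}}}NameIDPolicy", {
        "Format": PERSISTENT, "SPNameQualifier": target_qualifier})
    return ET.tostring(req, encoding="unicode")

# Constructed IdP state: one persistent ID per (principal, SP namespace).
IDP_TABLE = {
    "user-1": {"https://sp-a.example.org": "a9f3c1",
               "https://sp-b.example.org": "77be02"},
}

def idp_map(request_xml):
    """Toy IdP lookup: return the single NameID matching the policy, or None."""
    # Assumption: input is trusted. Real SAML input needs a hardened XML
    # parser (e.g. defusedxml), signature checks and requester authorization.
    req = ET.fromstring(request_xml)
    known = req.find(f"{{{SAML}}}NameID")
    policy = req.find(f"{{{SAMLP}}}NameIDPolicy")
    target = policy.get("SPNameQualifier")
    for ids in IDP_TABLE.values():
        if ids.get(known.get("SPNameQualifier")) == known.text:
            value = ids.get(target)
            if value is not None:
                return {"Format": policy.get("Format"),
                        "SPNameQualifier": target, "value": value}
    return None
```

The lookup returns at most one identifier, the one whose Format and SPNameQualifier match the NameIDPolicy, and never a list of the principal's other names.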
