[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] Distributed IDP model
> Yes, but SAML doesn't stop the implementation of IdP & CIA as > two independent IdPs where the interfaces exposed and feature > set supported between IdP and CIA may be different (less feature > rich) than the interfaces between the CIA and the relying parties > while still being SAML compliant. And that is the direction that > I think they should be moving in. The problem with adding a third entity (whatever you call it) is that that's not how the SSO profile is defined. So it's a new profile, which is fine, but that wasn't quite the thrust of the original question. > I was speaking to there being two logical parties, not in the > split-up of the internal implementation of an IdP. Right, thus SP + "two other entities", which could be SSO via proxying (but this appears to not be that) or something new. And I haven't figured out what that something new would be or why I'd want it. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]