Subject: Re: [saml-dev] holder-of-key subject confirmation
I think we are in agreement. I had added: "It would seem that the main reliance of the RP in this scenario is on the trust it has in C2, and the SAML assertion can be thought of possibly as a 2nd factor of authentication, making the RP more confident in C2 than it would be otherwise." indicating that in addition to "bearer" capability, the fact that the subject names agree means that if the scenario is primarily thought of as single-factor X.509 based on C2, then the user can add the SAML (HoK) assertion in as a 2nd factor, which adds significant value.

My point is that in this scenario, RP places primary trust on C2, and only uses IdP to augment that trust, but IdP is not accountable for anything the user does based on C2.

I guess the only thing I am wondering about is why the IdP would issue an HoK to a user who did not intend to use the HoK, i.e., would not a bearer token be more appropriate for such a use? (Generally, by issuing an HoK, an IdP is authorizing the user to submit a whole collection of information that the IdP has in some sense agreed to be a party to. As such the IdP would probably want to limit its issuance of HoK assertions to users who would only be authorized to act within some defined scope of activity. If the IdP did not want to be involved in any such scope, then from a subject confirmation perspective I think the bearer token would offer the same amount of authenticity without leaving an open-ended capability that might implicitly tie the IdP to any particular use of the assertion.)

Thanks,
Rich

Tom Scavo wrote:
On Mon, May 12, 2008 at 6:47 PM, Rich.Levinson <rich.levinson@oracle.com> wrote:
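The holder-of-key versus bearer distinction discussed in the message above, as an added example that is not from the thread or from any SAML implementation: a relying-party check that accepts a bearer confirmation on possession of the assertion alone, but accepts a holder-of-key confirmation only when the certificate carried in the SubjectConfirmationData KeyInfo matches the certificate the presenter actually used (C2 in the thread). The assertion builder, the NameID value and the certificate byte strings are constructed stand-ins; a real RP would take the presenter's DER bytes from the TLS client certificate and would verify the assertion signature, Conditions and SubjectConfirmationData timing before this step.

```python
import base64
import hashlib
import hmac
import xml.etree.ElementTree as ET  # defusedxml is the safer choice for untrusted XML
from typing import Optional

SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion"
DS_NS = "http://www.w3.org/2000/09/xmldsig#"
XSI_NS = "http://www.w3.org/2001/XMLSchema-instance"
NS = {"saml": SAML_NS, "ds": DS_NS}
HOK = "urn:oasis:names:tc:SAML:2.0:cm:holder-of-key"
BEARER = "urn:oasis:names:tc:SAML:2.0:cm:bearer"

# Constructed stand-ins for DER-encoded certificates; a real RP gets the
# presenter's DER from the TLS client certificate on the connection.
C2_DER = b"constructed: DER bytes of the user's certificate C2"
OTHER_DER = b"constructed: DER bytes of an unrelated certificate"


def build_assertion(method: str, cert_der: Optional[bytes]) -> str:
    """Constructed (unsigned) SAML 2.0 assertion with one SubjectConfirmation.

    For holder-of-key the certificate goes into SubjectConfirmationData/KeyInfo,
    as the SAML V2.0 holder-of-key profile specifies.
    """
    key_info = ""
    if cert_der is not None:
        b64 = base64.b64encode(cert_der).decode("ascii")
        key_info = (
            f'<ds:KeyInfo xmlns:ds="{DS_NS}"><ds:X509Data>'
            f"<ds:X509Certificate>{b64}</ds:X509Certificate>"
            "</ds:X509Data></ds:KeyInfo>"
        )
    return (
        f'<saml:Assertion xmlns:saml="{SAML_NS}" xmlns:xsi="{XSI_NS}" '
        'Version="2.0" ID="_constructed-id">'
        "<saml:Subject><saml:NameID>user@example.org</saml:NameID>"
        f'<saml:SubjectConfirmation Method="{method}">'
        '<saml:SubjectConfirmationData xsi:type="saml:KeyInfoConfirmationDataType">'
        f"{key_info}</saml:SubjectConfirmationData>"
        "</saml:SubjectConfirmation></saml:Subject></saml:Assertion>"
    )


def fingerprint(der: bytes) -> str:
    """SHA-256 over the DER bytes, the usual way to compare two certificates."""
    return hashlib.sha256(der).hexdigest()


def confirm_subject(assertion_xml: str, presenter_der: Optional[bytes]) -> Optional[str]:
    """Return the confirmation method the presenter satisfied, or None.

    bearer:        possession of the assertion is the only proof, so it always
                   succeeds here (timing/recipient checks assumed done elsewhere).
    holder-of-key: the presenter must have proven possession of a key named in
                   KeyInfo; that proof is the TLS client certificate, so its
                   fingerprint must match one embedded in the assertion.
    """
    root = ET.fromstring(assertion_xml)
    for sc in root.findall("saml:Subject/saml:SubjectConfirmation", NS):
        method = sc.get("Method")
        if method == BEARER:
            return "bearer"
        if method == HOK and presenter_der is not None:
            want = fingerprint(presenter_der)
            certs = sc.findall(
                "saml:SubjectConfirmationData/ds:KeyInfo/ds:X509Data/ds:X509Certificate", NS
            )
            for node in certs:
                embedded = base64.b64decode(node.text or "")
                if hmac.compare_digest(fingerprint(embedded), want):
                    return "holder-of-key"
    # No SubjectConfirmation was satisfied: a HoK assertion without a matching
    # key (or with no KeyInfo at all) must not be accepted as bearer.
    return None
```

The last point in the code mirrors the thread: an HoK assertion presented without the matching certificate gives the RP nothing, whereas a bearer assertion is accepted on presentation, which is why the choice of confirmation method decides how much the IdP is tied to the subject's later use of the assertion.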