saml-dev message

Subject: RE: [saml-dev] SAML2HoKAP question

From: "Scott Cantor" <cantor.2@osu.edu>
To: "'Josh Howlett'" <Josh.Howlett@ja.net>, "'Tom Scavo'" <trscavo@gmail.com>
Date: Tue, 19 May 2009 20:44:17 -0400

Josh Howlett wrote on 2009-05-19:
>  Ok. So I assume that the NameID is used by the SAML issuer to name an
> intermediate delegate who can wield the assertion as an attesting entity?

Yes, but this is just informational. You don't have to do anything special
to indirectly authenticate the delegate. It's there in case you don't want
to allow delegation (which the condition does a much better job of ensuring,
not to mention supporting a chain of delegates).

-- Scott

Follow-Ups:
- RE: [saml-dev] SAML2HoKAP question
  - From: "Josh Howlett" <Josh.Howlett@ja.net>

References:
- SAML2HoKAP question
  - From: "Josh Howlett" <Josh.Howlett@ja.net>
- Re: [saml-dev] SAML2HoKAP question
  - From: Tom Scavo <trscavo@gmail.com>
- RE: [saml-dev] SAML2HoKAP question
  - From: "Josh Howlett" <Josh.Howlett@ja.net>
- RE: [saml-dev] SAML2HoKAP question
  - From: "Josh Howlett" <Josh.Howlett@ja.net>