[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] SAML2HoKAP question
Josh Howlett wrote on 2009-05-19: > Ok. So I assume that the NameID is used by the SAML issuer to name an > intermediate delegate who can wield the assertion as an attesting entity? Yes, but this is just informational. You don't have to do anything special to indirectly authenticate the delegate. It's there in case you don't want to allow delegation (which the condition does a much better job of ensuring, not to mention supporting a chain of delegates). -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]