[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] SAML newbie question - do cross IdP trusts exist in SAML?
> Yes, agree. In Kerberos there is the notion of proxy-as-self > (impersonation), where I could get another entity to request services on my > behalf. I believe this was designed to overcome some delegation-related > hurdles. I'm not sure if impersonation would be acceptable for SPs and IdPs > (specially for value transactions). SAML doesn't define an explicit protocol for impersonation because authentication is out of scope already. If you ask for an assertion about somebody other than the authenticated identity, that's left to policy. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]