[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] RE: How to provide SAML assertions in RESTful services
> Help me understand your suggestion for TLS? Today we use > mutual-authenticated-TLS to be sure the two systems talking are > authenticated/authorized. We use SAML for user. The TLS part is a way to get a secure key association between an assertion, the client, and subsequent requests. > I have not seen anything lately on ECP, so I was wondering if it was a > profile that had passed into history (4th Google hit on the topic gives > me back my own presentation on this for IHE many years ago). If it is a > good solution for RESTful, then I am good with looking at it again. ECP is a part of the standard that I leverage in Shibboleth when it's appropriate to do so. We built a SAML-based delegation strategy on top of it, and we've done work around other sorts of HTTP clients that use it. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]