[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] RE: How to provide SAML assertions in RESTful services
> > > Help me understand your suggestion for TLS? Today we use > > mutual-authenticated-TLS to be sure the two systems talking are > > authenticated/authorized. We use SAML for user. > > The TLS part is a way to get a secure key association between an assertion, > the client, and subsequent requests. > So what specification do you use to associate a user's SAML assertion with the TLS client-authentication? And is this in addition to authenticating the client system? We don't want to have well-intentioned users to be authenticated strongly, but be using a system that is not secured (public computer).
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]