OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [saml-dev] FW: Help with what standards support these WebServices calls?

> As someone else noted, WS-Trust could also be used for steps 1 & 2. The
> main advantage in using WS-Trust vs.. SAML Authn Req is that WS-Trust has a
> mechanism for conveying a key back to the requestor (corresponding to the
> key in the Token) which can then be used for message protection and to bind
> the SAML Assertion to the message contents, assuming Agency 1 & Agency 2
> have the necessary cryptographic capabilities. With SAML Authn Req, Holder
> of Key Subject confirmation cannot be used unless some other means of key
> distribution is provided.

Anything you can do with WS-Trust, you can do with SAML. I'd go so far as to say the interoperability is about as likely too (if not higher).

In this specific case, using an attribute is a trivial way to communicate a key back.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]