saml-dev message

Subject: RE: [saml-dev] question on Holder fo the key

From: Eric Heflin <eheflin@medicity.com>
To: "Cantor, Scott E." <cantor.2@osu.edu>, "swu@axolotl.com" <swu@axolotl.com>
Date: Tue, 24 May 2011 11:39:55 -0600

Also, wouldn't the "bearer" SubjectConfirmation method be a closer match to these requirements than "holder-of-key"?

Eric Heflin
Dir of Standards and Interoperability
Medicity
THE Standard for Meaningful HIE.牋牋牋 
www.medicity.com
801.415.2672 (o)
801.674.2313 (m)
eheflin (Skype)

-----Original Message-----
From: Cantor, Scott E. [mailto:cantor.2@osu.edu] 
Sent: Tuesday, May 24, 2011 11:24 AM
To: swu@axolotl.com
Cc: saml-dev@lists.oasis-open.org
Subject: Re: [saml-dev] question on Holder fo the key

On 5/24/11 1:20 PM, "swu@axolotl.com" <swu@axolotl.com> wrote:

>I guess then my question would be how
>would SAML establish trust relationship in HOK case if no certificate 
>is included (neither from IdP nor Client).

Out of scope.

And for the record, if you establish trust based on the certificate directly, you probably wouldn't need SAML.

-- Scott


---------------------------------------------------------------------
To unsubscribe, e-mail: saml-dev-unsubscribe@lists.oasis-open.org
For additional commands, e-mail: saml-dev-help@lists.oasis-open.org

Follow-Ups:
- RE: [saml-dev] question on Holder fo the key
  - From: swu@axolotl.com
- Re: [saml-dev] question on Holder fo the key
  - From: "Cantor, Scott E." <cantor.2@osu.edu>
- RE: [saml-dev] question on Holder fo the key
  - From: Eric Heflin <eheflin@medicity.com>

References:
- Re: [saml-dev] question on Holder fo the key
  - From: swu@axolotl.com
- Re: [saml-dev] question on Holder fo the key
  - From: "Cantor, Scott E." <cantor.2@osu.edu>