OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services-comment message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Public Comment

Comment from: moebs@wiwi.uni-frankfurt.de

Although a Single Logout protocol is introduced in the forthcoming SAML 2.0 specification, the problem of local session timeouts is not addressed.

Local session timeouts raise two important questions:
1.) What happens if the Identity Provider's local session times out?
2.) What happens if one of the Service Provider's local sessions time out?

To my mind, the introduction of a Single Session Keep-Alive Protocol could help answer these questions.

Will the problem of local session timeouts be addressed in one of the forthcoming revisions of the SAML specification?

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]