OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services-comment message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [security-services-comment] Re: http://saml.xml.org/news/holder-of-key-web-browser-sso-profile


> I agree that the SPprovidedID seems to be a place, but it doesn't work
> well, if you have several ids that you want to process.

That is definitely not the right place. Not sure what you think that
attribute means, but it isn't that.

> The case is that a serviceprovider may use several of the possible
> identifiers, an email, a global company id, etc.

Then you put them into SAML attributes.

> Can't "Additional data that allows the subject to be confirmed" be
> interpreted
> as 'The subject is confirmed because according to our policy, we were
> successfully able to determine the following additional identifiers which
> are represented in the form of NameId' which we include in the
> SubjectConfirmation"

No, not really.
 
-- Scott




[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]