[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: SAML attributes for Kerberos
Thomas, > Reading this thread, am I correct in concluding > that much of what Jeff & Russell require > are in fact implementation-specific? > > - Was there any specific changes that need > to be done on the Kerberos attribute profile? The Attribute Profile definitely needs re-visiting in my opinion: 1. The CMU use-case is not captured in the current document. 2. The use-case that was meant to be captured in the current document has been stymied by a dependency on the WS-Security SAML Token Profile which we have subsequently discovered is unlikely to satisfy our original expectations. (Unfortunately (2) did not become apparent until we had started 60 day review, and I failed to register that that made the profile moot. I should have spotted that at the time.) However, I think much of the existing document and schema can be usefully re-purposed. josh.