[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: Comments on S2ML 0.8a
Nigel, <snip> > The HTTP binding suggests using the hash of URI as the SenderIdentifer > and also AssertionIdentifier. Presumably this is because of a concern > over the length of URIs that might appear in headers. This seems to > assume a model of closely coupled sites: one in which the URIs of the > sending site are already known in advanced. Thus the hash is sufficient > to identify the sender to whom the request for the assertion needs to be > sent. Is it possible to support more dynamic scenarios in which sending > sites might not be known in advance? Without going to Challenge-Response, S2ML will depend heavily on manual configurations not only for URIs, but for credential pulling method (push orl pull). This renders S2ML limited to the secenario you mentioned: Closely coupled sites. <snip> Regards Anders Rundgren CEO X-OBI +46 70 - 627 74 37
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC