OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: RE: Does SAML browser binding assume existing SSO infrastructure? wasRE: one time use saml artifact


Personally I have no problem with this approach, as our product like yours
currently has these mechanisms, but in past, others have expressed an
intention to use SAML as the entire infrastructure. This would require that
SAML specify the entire solution without any such preconditions. I recall
Irving Reid, for one, expressing this view. Perhaps this assumption in your
approach should be raised more explicitly to TC as a whole.



Hal, I am not a use-case fundamentalist, but I would have to
say that such a broad expansion of our efforts would require
a substantial revsion of the use-case document. I do not view this
as an "assumption in my approach" -- instead I view this as a direct
consequence of the current use-case and requirements
document. At any rate, we will 
certainly get (more than) a chance to discuss it at the f2f
and later.

- prateek

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC