OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: ISSUE: Relying Party tailors assertion in browser artifact profil e

TC Members,
The Bindings group has discussed an extension of the web 
browser profile as given in bindings-05. The main idea here is to
extend the "artifact-to-assertion lookup" step with the inclusion
of attributes desired by the relying party. This would save an
extra-roundtrip as otherwise the RP must first retrieve 
AuthN (and other assertions) exposed via SAML artifacts and
only in the next step formulate its "own" attribute query to the AP.
A design proposal with discussion of pros and cons may be found in:
Inclusion of this functionality would have impacts both on the core schemas
and on the web browser profile. Both would need to be suitably extended.
There is a clear consensus that this represents a valuable extension to
our current framework. At the same time I would (personally) question
whether it is a "MUST HAVE" in SAML 1.0. Perhaps the TC can give
us some advice in this space.
- prateek

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC