OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: RE: [security-services] New high level SSO use cases

Scott -
This is great start. Thanks for putting this document together. I do have
one question/comment.

In Scenario 1-1 (SSO with destination site first), I assume that the user
may or may not have been authenticated at the source site. I.e., once the
user is redirected to the source site, he/she may or may not have to
actually authenticate via permanent credentials. If an authenticated session
exists between the user and the source site, then the source site simply
produces the artifact/assertion. If my assumption is incorrect, perhaps we
need to add a new scenario to cover this flow. If it is correct, it may be
worthwhile stating it explicitly.

Thank you again,
Jahan Moreh
Chief Security Architect

> -----Original Message-----
> From: Scott Cantor [mailto:cantor.2@osu.edu]
> Sent: Thursday, January 30, 2003 5:47 PM
> To: SAML
> Subject: [security-services] New high level SSO use cases
> And I do mean high level.
> I think I captured the primary one Jahan and Prateek (among
> others) were discussing (which is more or less what Shibboleth has,
> roughly speaking).
> I then included a pair of scenarios that in my mind capture most
> of my "fancy" requirements at a non-technical level; that is,
> having the ability to pass context information (of whatever sort)
> from destination to source to affect the SSO process.
> This would presumably be, in Bob Morgan's words, "a structured,
> extensible format", and is obviously ground plowed by Liberty phase
> 1.
> Anyway, I included a few names as additional contributors on this
> individual submission, but please let me know if you violently
> object to something and want your name taken off. ;-)
> -- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC