security-services message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [Elist Home]
Subject: [security-services] AI-38. Jahan,Scott & Prateek to draft changes to profiles for ne w destination site firstflows
- From: "Mishra, Prateek" <pmishra@netegrity.com>
- To: "'security-services@lists.oasis-open.org'"<security-services@lists.oasis-open.org>
- Date: Tue, 18 Feb 2003 11:54:15 -0500
Report on discussion
between Scott, Jahan and Prateek:
(1)
What is proposed set
of flows for SAML 1.1?
Answer:
We were guided by the
experience of the SAML interOp and Shiboleth (internet2) and
focussed on a minimal
extension that would provide added value by completing the
existing web browser
profiles.
We propose to focus on the
flows described in Use Case 1, Scenario 1-1 and 1-2 of
Flow 1-3 was excluded as it
includes an additional interaction step between source and
destination
site which (a) exceeds the
desired minimalism,
(b) can be added to
flows 1-1 and 1-2 should
source and destination site
so desire.
The flows
in
are more expressive and
introduce a new actor called a "Source Site Selector".
Formalizing the
interactions between the destination site, Source Site Selector
and
destination site selector
is a good size step. The suggestion would be to defer this
to SAML
2.0.
(2)
Two flavors of "SSO
Initiation Profiles" are proposed: FORM-oriented and
URL oriented. The two will
be closely related but not identical. Scott has proposed
schema and flows for the
FORM case. This information may be found in documents
sstc-bindings-extensions-01
sstc-core-extensions-01
which are enclosed with
this message.
-
prateek
Attachment:
sstc-core-extensions-01.doc
Description: MS-Word document
Attachment:
sstc-bindings-extensions-01.doc
Description: MS-Word document
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [Elist Home]
Powered by eList eXpress LLC