security-services message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: RE: [security-services] Credentials Collector proposal for SAML 2.0...
- From: "Mishra, Prateek" <pmishra@netegrity.com>
- To: 'Carlisle Adams' <carlisle.adams@entrust.com>, "'security-services@lists.oasis-open.org'" <security-services@lists.oasis-open.org>
- Date: Tue, 1 Apr 2003 11:37:02 -0500
Title: Credentials Collector proposal for SAML 2.0...
Carlisle,
I think the main
use-case of interest to us is CC as translator (case 2.2). I am curious though
why you used the term "translator" instead of "proxy" or "intermediate". I had
thought of this as a case where some entity other than the AA collects
credentials and then interacts with the AA to obtain a SAML assertion or other
proof of authentication (e.g., such as a proprietary token). BTW, what is your
view of the AA returning a proprietary token? I guess as long as it was
"wrapped" in SAML we are OK.
Examples of such
internediates include web farms or a web site that communicates with my "home
site" (e.g., place of employment) for authentication
purposes.
I agree with your
recommendation that we focus on Type 1 messages in case 2.2. So our main focus
would be defining an expressive request-response protocol between CC and
AA.
-
prateek
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]