OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [security-services] Groups - authentication-context.pdf uploaded

>This enables SP to make the right business decision and execute the

I would say that this use case would be covered by an attribute assertion
and no need for a context, The context should just be an attribute

>No it's not, it has been explicitly designed so that it can be
separated....  It's addressing real business needs of a number of
>The example above is just on of the many business use cases related to
authentication context.

As I say above this should be looked at in the SAML context not the Liberty
context and lets look at using attributes and not pull in Liberty
infrastructure for the sake of it.

>Strength of an assertion is subjective and a business decision,
>context simply allows one to request a certain authentication mechanism
>then to be informed what mechanism was actually used. Any other semantics
>are related to the business model used within a specific transaction.

What value is this if there are interoperability issues with the
interpretation since its subjective to the application ? The application
should just use existing SAML infrastructure (attributes).

Anthony Nadalin | work 512.436.9568 | cell 512.289.4122

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]