[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: Proposed Agenda for SSTC Conference Call, Dec 23
> Solution Proposals for review on Dec 23: > ---------------------------------------- > > W-6: Proxied SSO The solution proposal obviously depends heavily on the extended browser profiles, so all I can point to currently is the submitted material from ID-FF, which is in section 3.2.2.7 of http://www.projectliberty.org/specs/liberty-idff-protocols-schema-v1.2.pdf (This document is in the SSTC document list somewhere, but this link is easier.) There are some problems with this solution involving insufficient controls available to both the requester and the IdP on the use of proxied SSO assertions, but some work has been going on to formulate proposals to fix this that I think will be submitted soon. > W-7: Discovery Protocol The so-called "Introduction" protocol in section 3.6 of http://www.projectliberty.org/specs/liberty-idff-bindings-profiles-v1.2.pdf is the input proposal to work from. The main issues to address are from the interop experiences with this protocol, and involve the unnecessary use of hashing and some ambiguity about the encoding of the cookie value. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]