OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [security-services] Comment on sstc-saml-glossary-2.0 (also closes AI #0114)

> [proposed-definition]
> An principal's identity is said to be federated between a pair (set) of
> providers when there is agreement between the providers on an identifier
> (or a class of identifiers) and a time-period during which the 
> identifier is to be used to refer to the principal.
> [/proposed-definition]

I think "identity" is a lot of things, not just a particular identifier, but
a "federated identifier" is, well, an identifier that should meet certain
defined properties.

Notice I have not attempted any definition of identity here, merely
suggested that there is an aspect of identity that has to do with
federation; and this aspect is manifested as an identifier under certain

Perhaps we need to split that up in the glossary and talk about identity
federation separately from "federated identifier", if we even have to define
the former at all.

OK, I agree there may be other ways to go, BUT I don't believer we can avoid
defining identity federation in some form or the other in the specification.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]