[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Comment on sstc-saml-glossary-2.0 (also closes AI #0114)
> From a use-case point of view, I think this capability (to request that > a new federation not be created if one doesn't already exist) is most > useful in combination with passive authentication requests, where the > idea is to probe for an existing federation in combination with an > active session. The idea being that, even if an active session exists > at the IdP, I might want to have users explicitly choose to federate > with my site if they haven't done so before. Note that this overlaps > somewhat with the idea of 'consent' in ID-FF. Exactly what I've been trying to say, thanks. I'm only objecting to this being characterized as a "privacy" issue or some kind of critical control flag for the SP to make the system function properly. It's a UI consideration. It may or may not make sense to actually use the consent flag for this, but that's what it's about. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]