[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] RE: AuthenticationMethod / NameIdentifier and Kerberos authentication
Tim, I am working on the AuthnContext, and the mapping of SAML authentication methods to either the AC schema itself, or where possible, appropriate authentication context classes. I am working on a new draft of the document, and believe it will deal with your concerns as we've discussed in this thread. Cheers, - JohnK ext Tim Alsop wrote: > Yes, I think the sense is that we're going to be able to dump Method and > move it into a set of context class URIs, that would keep the URIs the > same, > if we want. Or if we change them, then it's moot, I guess. And context > classes are not the best way to capture preauth, given the potential > variability, so using actual AuthnContext statements and making sure the > SAML schema for that can capture this information is the real work item. > > Tim> So, can I assume that AuthnContext has been, or will be specified > to support Kerberos pre-auth ? I guess I am just making sure that this > work item is currently owned by somebody ? >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]