[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] SAML 2.0 tech overview - initial diagrams
Scott, I would recommend that 4.1.3.5 should be re-written to remove the SSO service to local ITS transfer - so that the SSO service issues the redirect directly to the user agent. This simplifies the message interactions - benefiting performance and configurability. Whilst doing this I would also address my previous comment about the IDP-initiated flow of the text from line 331 to section 4.1.3.5 - plus have some additional words on the artifact binding. John > -----Original Message----- > From: Scott Cantor [mailto:cantor.2@osu.edu] > Sent: 30 June 2004 21:31 > To: 'John Hughes'; 'oasis sstc' > Subject: RE: [security-services] SAML 2.0 tech overview - initial > diagrams > > > > that was also one of my queries in producing the diagrams - it wasn't > > clear (at least after a few readings) - whether Response/Artifacts > > should/could go via the IdP ITS. Below implies that you > believe the SSO > > service should send the response/artifact (via the appropriate binding) > > directly to the SP? I must admit the SSO->ITS step seemed unnecessary. > > I'm not sure how we want to describe it. I guess in part I was > just building > around what some of the pieces were in the original profile, but > it may just > be harder to understand that way. > > Should I just remove that piece from the profile? > > -- Scott > > > To unsubscribe from this mailing list (and be removed from the > roster of the OASIS TC), go to > http://www.oasis-open.org/apps/org/workgroup/security-services/mem > bers/leave_workgroup.php.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]