OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [security-services] SAML 2.0 tech overview - initial diagrams


Scott,

I would recommend that 4.1.3.5 should be re-written to remove the SSO
service to local ITS transfer - so that the SSO service issues the redirect
directly to the user agent.   This simplifies the message interactions -
benefiting performance and configurability.

Whilst doing this I would also address my previous comment about the
IDP-initiated flow of the text from line 331 to section 4.1.3.5 - plus have
some additional words on the artifact binding.


John



> -----Original Message-----
> From: Scott Cantor [mailto:cantor.2@osu.edu]
> Sent: 30 June 2004 21:31
> To: 'John Hughes'; 'oasis sstc'
> Subject: RE: [security-services] SAML 2.0 tech overview - initial
> diagrams
>
>
> > that was also one of my queries in producing the diagrams - it wasn't
> > clear (at least after a few readings) - whether Response/Artifacts
> > should/could go via the IdP ITS.  Below implies that you
> believe the SSO
> > service should send the response/artifact (via the appropriate binding)
> > directly to the SP?  I must admit the SSO->ITS step seemed unnecessary.
>
> I'm not sure how we want to describe it. I guess in part I was
> just building
> around what some of the pieces were in the original profile, but
> it may just
> be harder to understand that way.
>
> Should I just remove that piece from the profile?
>
> -- Scott
>
>
> To unsubscribe from this mailing list (and be removed from the
> roster of the OASIS TC), go to
> http://www.oasis-open.org/apps/org/workgroup/security-services/mem
> bers/leave_workgroup.php.



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]