[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Comment from: email@example.com
Comment from: firstname.lastname@example.org Although a Single Logout protocol is introduced in the forthcoming SAML 2.0 specification, the problem of local session timeouts is not addressed. Local session timeouts raise two important questions: 1.) What happens if the Identity Provider's local session times out? 2.) What happens if one of the Service Provider's local sessions time out? To my mind, the introduction of a Single Session Keep-Alive Protocol could help answer these questions. Will the problem of local session timeouts be addressed in one of the forthcoming revisions of the SAML specification?