OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Comment from: moebs@wiwi.uni-frankfurt.de


Comment from: moebs@wiwi.uni-frankfurt.de

Although a Single Logout protocol is introduced in the
forthcoming SAML 2.0 specification, the problem of
local session timeouts is not addressed.

Local session timeouts raise two important questions:
1.) What happens if the Identity Provider's local
session times out?
2.) What happens if one of the Service Provider's
local sessions time out?

To my mind, the introduction of a Single Session
Keep-Alive Protocol could help answer these questions.

Will the problem of local session timeouts be
addressed in one of the forthcoming revisions of the
SAML specification?




[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]