security-services message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: Using SAML Artifacts in the WSS SAML Token Profile
- From: "Conor P. Cahill" <concahill@aol.com>
- To: SAML <security-services@lists.oasis-open.org>
- Date: Wed, 6 Jul 2005 12:34:00 -0400
So, I'm looking at the latest SAML Token Profile document for the WSS
and though it worth mentioning that we consider documenting how one
would use a SAML artifact as a bearer token.
The main benefit from the artifact model is that the assertion is only
seen by the recipient rather than going through a third party (and thus
being subject to offline analysis and attack). Yes, you can save space
and not sign assertions as well, but I think the restricting the
visibility of the assertion to just the recipient is even stronger.
Of course, this probably isn't much use with other confirmation methods.
Is there other interest in doing so?
Conor
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]