security-services message

Subject: Re: [security-services] Using SAML Artifacts in the WSS SAML TokenProfile

From: Ron Monzillo <Ronald.Monzillo@Sun.COM>
To: "Conor P. Cahill" <concahill@aol.com>
Date: Fri, 08 Jul 2005 13:02:22 -0400

Conor P. Cahill wrote:

> 
> Greg Whitehead wrote on 7/7/2005, 11:55 AM:
> With the artifiact model, we get around this since the PII goes
> directly from the issuer to the recipient rather than through
> a third party.
> 
> Conor
>

Would exchange of a (non-encrypted) assertion id introduce any privacy 
concerns that do not apply when artifacts are exchanged?

Follow-Ups:
- Re: [security-services] Using SAML Artifacts in the WSS SAML Token Profile
  - From: Greg Whitehead <grw@trustgenix.com>

References:
- RE: [security-services] Using SAML Artifacts in the WSS SAML Token Profile
  - From: "Scott Cantor" <cantor.2@osu.edu>
- Re: [security-services] Using SAML Artifacts in the WSS SAML TokenProfile
  - From: Ron Monzillo <Ronald.Monzillo@Sun.COM>
- Re: [security-services] Using SAML Artifacts in the WSS SAML Token Profile
  - From: Greg Whitehead <grw@trustgenix.com>
- Re: [security-services] Using SAML Artifacts in the WSS SAML Token Profile
  - From: "Conor P. Cahill" <concahill@aol.com>