OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [security-services] IdP Discovery

> Because we noted user experience aspects such as (from 
> previously cited NOTE in the Arch Overview)..
> 
>    The implications with a session cookie are that it will 
> disappear from the user agent cookie cache when the user logs out
>(although this action would have to be explicitly implemented) or when the
> user agent is exited. This

So clearly, ID-FF did not really distinguish the use cases, so Greg's right,
as usual. Of course, none of that stuff got reproduced in any SAML docs, we
just copied the profile itself, so it's fair to say we have ambiguous intent
and need an errata one way or the other, or it's being explicitly left to
deployers.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]