security-services message

Subject: Re: [security-services] NIST prohibits use of SAML assertions atLOA 4

From: =JeffH <Jeff.Hodges@neustar.biz>
To: OASIS SSTC <security-services@lists.oasis-open.org>
Date: Fri, 27 Jun 2008 16:30:25 -0700

Cahill, Conor P wrote:
 >
 > Yeah, but then they should be saying that they don't allow the browser
 > SSO profile rather than disallowing the assertions.

agreed.

=JeffH

References:
- NIST prohibits use of SAML assertions at LOA 4
  - From: "Staggs, David (SAIC)" <David.Staggs@va.gov>
- Re: [security-services] NIST prohibits use of SAML assertions at LOA4
  - From: Eric Tiffany <eric@projectliberty.org>
- RE: [security-services] NIST prohibits use of SAML assertions at LOA 4
  - From: "Scott Cantor" <cantor.2@osu.edu>
- RE: [security-services] NIST prohibits use of SAML assertions at LOA 4
  - From: "Cahill, Conor P" <conor.p.cahill@intel.com>