OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [security-services] [Fwd: Re: OpenID Mobile Profile?]

Paul Madsen wrote on 2009-02-03:
> I believe the concern is the possible absence of javascript for
> implying a user click

FWIW, I haven't seen any without Javascript lately either, but whatever.
There's nothing productive I could say in response to that.

> yes, I agree. But, with our binding it is the IDP that sends the
> artifactresolve message to the SP , and I think thats what Nat is trying
> avoid have happen.

Not in the common case. You mean to send a *request* by artifact? Nobody
really does that, and mostly we use Redirect. So that's not a JavaScript
issue, that's a length limit concern, I guess?

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]