[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] SAML deployments that use consent step?
On 9 Nov 2009, at 12:45, Paul Madsen wrote: > Do we have any sense of what fraction of SAML deployments have a > consent step? Whether or not they explicitly leverage the protocol's > dedicated mechanisms? We have a few hundred IdPs in our federation and I'm not aware of any of them using a consent step. > There would seem to be an assumption in the outside world that, > since SAML is often deployed between existing biz partners, consent > isnt necessary..... Obtaining consent isn't a practice that we recommend to our members, and we generally advise against it. It is sometimes argued that there are cases where it might be useful/necessary, but in our context these are typically the exception. josh.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]