OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [security-services] SAML deployments that use consent step?


On 9 Nov 2009, at 12:45, Paul Madsen wrote:
> Do we have any sense of what fraction of SAML deployments have a  
> consent step? Whether or not they explicitly leverage the protocol's  
> dedicated mechanisms?

We have a few hundred IdPs in our federation and I'm not aware of any  
of them using a consent step.

> There would seem to be an assumption in the outside world that,  
> since SAML is often deployed between existing biz partners, consent  
> isnt necessary.....

Obtaining consent isn't a practice that we recommend to our members,  
and we generally advise against it. It is sometimes argued that there  
are cases where it might be useful/necessary, but in our context these  
are typically the exception.

josh.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]