Subject: Re: [security-services] SAML deployments that use consent step?
On 9 Nov 2009, at 12:45, Paul Madsen wrote: > Do we have any sense of what fraction of SAML deployments have a > consent step? Whether or not they explicitly leverage the protocol's > dedicated mechanisms? We have a few hundred IdPs in our federation and I'm not aware of any of them using a consent step. > There would seem to be an assumption in the outside world that, > since SAML is often deployed between existing biz partners, consent > isnt necessary..... Obtaining consent isn't a practice that we recommend to our members, and we generally advise against it. It is sometimes argued that there are cases where it might be useful/necessary, but in our context these are typically the exception. josh.