OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [security-services] SAML deployments that use consent step?

Phil Hunt wrote on 2009-11-09:
> It may also be useful for the RP to state a purpose for use. Such as we
> suggested with igf privacy constraints.

I certainly don't mean to imply that there aren't important bits missing

> That supports Scott's assertion that it is still the IDP that evaluates
> consent.

As Conor said, I think the best way to think of that feature is that it's
best used if the IdP is really and truly outsourcing consent, and wants the
audit trail. But it's not clear in general that the spec is explicit about
what consent is being given to do, so that makes it fairly questionable.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]