OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [security-services] Question on SP initiated authentication & provisioning first time user

> Provisioning of claims seems to be a natural part of the life-cycle
> between SPs and IDPs. After-all, SPs also generate claims themselves.

Yes, but many IdPs will be unwilling to store them IMHO.
> That said, I agree, provisioning probably isn't a big issue right now
> if your use case focuses on SSO and can use bulk provisioning within a
> tight vertical.

I'm still not getting the provisioning problem you're trying to solve,
unless it's identity portability.
> I agree, SPML could potentially work fine if agreed on an profiled in
> the context of SAML. Without that, the real issue is too many choices
> and no agreement in advance on standards.

Of course.

> SAML also has a different way of handling identifiers.  Would SPML be
> compatible with SAML use cases?

I would have assumed SPML wasn't crazy enough to try to dictate identifiers.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]