OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [security-services] Re: Proposed Agenda for SSTC Call (May 18,2010)

>> Modeling the flows with an unsolicited response with an embedded
>> AuthnRequest in an extension would seem to me a safer way to ensure that the
>> provider really understands what it has received and what it's supposed to
>> do with it.
>
>Except that "safe" in that case probably would mean an inability to respond and the user would be stuck at the IdP. SPs don't like that.

An IdP would be very unlikely to expose an AssertionConsumerService by accident, but I can see your point.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]