[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] Re: Proposed Agenda for SSTC Call (May 18, 2010)
Thanks for the discussion on this. Really appreciate your input...keep it coming! Unfortunately I'm stuck in meetings all week or I'd be in the dialog. But just wanted to say, you seem to have the issues understood from my perspective. I think one important item that was raised is that the SP would like to get control back from the Target IDP regardless of success/ failure. One discussion point raised on the call is that the SP may then wish to issue a de-provision request with the "local IDP" (we can talk about that particular operation later). It does seem to me that it would be bad news if the SP did that without knowing the success or failure of the original request because the user got "stuck" at the Target. Never-the-less, maybe this could be a situation that "auto- heals" if the user shows up at a future date having been authenticated by the Target IDP first. Phil phil.hunt@oracle.com On 19-May-10, at 8:55 AM, Scott Cantor wrote: >> An IdP would be very unlikely to expose an AssertionConsumerService >> by >> accident, but I can see your point. > > AFAIK, many commercial products are gateways and include both roles > in many cases. > > -- Scott > > > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that > generates this mail. Follow this link to all your TCs in OASIS at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]