[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] Proposed Enhancement for Dynamic Attribute Queries
+1 On 2012-03-26, at 3:52 PM, Cantor, Scott wrote: > On 3/26/12 9:15 AM, "Rainer Hoerbe" <rainer@hoerbe.at> wrote: > >> That would apply to both approaches, a new <AuthnAttributeRequest> >> message or attribute negoitation in the <AuthnRequest>. I understand that >> you challenge the use case for dynamic attribute requests at all? > > I've been known to call it "unrealistic" for the majority of deployments, > but there are certanly edge cases where you can imagine it might work. It > certainly won't be necessary most of the time, which is why it wasn't > presented as a use case to begin with. > > But to your comment, I strongly agree. Anything like this belongs in the > Extensions element, not as a new message type. That would be an interop > mess, and require new endpoints in metadata and new profiles all over the > place. Other than that caveat, it's fine. > > -- Scott > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: security-services-unsubscribe@lists.oasis-open.org > For additional commands, e-mail: security-services-help@lists.oasis-open.org >
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]