[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] Proposed Enhancement for Dynamic Attribute Queries
Hi Leif
If you have a model of an all attribute providing IDP, and an SP that offers multiple services with different authz requirements, then you need a feature such as thisNo. You need a feature like this if you need to support _dynamic_ authz requirements. Supporting authz at all is sufficiently difficult for SPs.
the meta data approach is problematical for at least two reasonsi) you get a combinatorial explosion of alternatives if each has to be separately statically specified in the metadata
ii) at least one well known implementation (SimpleSAMLPHP) only supports the first metadata entry regardless of how many are actually present in the metadata.
regards david
Cheers -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk9yvAwACgkQ8Jx8FtbMZnfyOgCgw40n92l9xH7brViPSODIDaBB g3QAoIG/GtcrGSW7Hw9TcciEzA4aWfOH =J+2t -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: security-services-unsubscribe@lists.oasis-open.org For additional commands, e-mail: security-services-help@lists.oasis-open.org
-- ***************************************************************** David W. Chadwick, BSc PhD Professor of Information Systems Security School of Computing, University of Kent, Canterbury, CT2 7NF Skype Name: davidwchadwick Tel: +44 1227 82 3221 Fax +44 1227 762 811 Mobile: +44 77 96 44 7184 Email: D.W.Chadwick@kent.ac.uk Home Page: http://www.cs.kent.ac.uk/people/staff/dwc8/index.html Research Web site: http://www.cs.kent.ac.uk/research/groups/iss/index.html Entrust key validation string: MLJ9-DU5T-HV8J PGP Key ID is 0xBC238DE5 *****************************************************************
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]