[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] Proposed Enhancement for Dynamic Attribute Queries
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 03/28/2012 11:31 AM, David Chadwick wrote: > Hi Scott > >> >> What I do think is that whatever extension were to be adoped for >> an AuthnRequest should also be defined as usable in metadata as >> a replacement for AttributeConsumingService. >> > > As privacy becomes more important, then the IDP may not know which > SP the attributes are eventually destined for, in which case it > will not have the meta data to consult. How would you propose to > handle this case By exposing each service as a separate SP. I understand virtualization would happen but keeping metadata granular to the level of services is easy and already being done by vendors. Cheers Leif -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk9y24EACgkQ8Jx8FtbMZneB1ACgp+hMLjMyGWKuzvIglbaEAkCR 8V8AoMUPQ8dylcwOZGJvkwmv+FPXX+P0 =jGmh -----END PGP SIGNATURE-----
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]