[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: Use Cases & Requirements, Straw Man 1
Darren,
From strawman 1:
Fig 3. Single Sign-on, Third-Party Security Service.
1. Web user authenticates with security service.
2. Security service returns [OSSML] authentication reference to Web user.
3. Web user requests resource from destination Web site, providing authentication reference.
I don't believe I understand how this third step is supposed to be performed.
MS-Passport seems to implement something similar but uses another model
where the SSO is invoked from the destination site. This is a better model IMO
Regards
Anders
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC