OASIS Mailing List Archives

security-use message



Subject: Re: Shibboleth and credential negotiation


Anders,

>> What is likely is that we will have "canned" sets of
>> well-known attributes.  And that we'll have a means
>> of extensibility.
>
> If applied to A2ML that would be in the form of a "Shibboleth partner"
> XML schema definition?

I don't know. We have yet to get to that level of detail.
We do expect to use A2ML (or is it SAML?) where we can (and
get inspiration from other work).  We are definitely not
suffering from NIH!

>> We are arguing whether or not there is the possibility
>> of a target site "asking" for what it wants.  The two
>> extreme cases are: (1) the target always asks for what it
>> wants from an attribute authority; (2) the set of attributes
>> to be sent is pre-configured (at the source) on a "per site"
>> basis and no asking is needed or permitted.
>
>I don't consider this as two extremes, I would rather characterize this
>as the *only* two possibilities, where (2) represents the current
>A2ML solution.  If there really is a *third* option what would that
>look like?

A third possibility is that a pre-configured set of attributes
gets sent to the target, but the target gets to ask for others.


Regards,
Marlena Erdos
IBM/Tivoli


