OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

ws-sx message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [ws-sx] Issue 31: Token properties

> As for what elements/attributes may be required in a SAML 
> token request, the SAML AuthnRequest is a good place to 
> start. The STS may need to know, for example, what name id 
> policy to use when generating a SAML token.

I actually argue that in fact SAML assertions are merely rich wrappers
around the actual security technology, which is expressed in
SubjectConfirmation. If you want to capture the "token type", WS-SP would do
better to at least identify the confirmation method, not "SAMLv2".

Existing practice around the use of SAML as web service mechanisms suggests
that that approach has some merit.

That alone is still worthless for meaningful use cases, just a little less

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]