Skip to Content.
Sympa Menu

mace-opensaml-users - RE: Use SAML Assertion as Kerberos Ticket

Subject: OpenSAML user discussion

List archive

RE: Use SAML Assertion as Kerberos Ticket


Chronological Thread 
  • From: Derek Atkins <>
  • To: Scott Cantor <>
  • Cc: "'Pham Hoai Van'" <>,
  • Subject: RE: Use SAML Assertion as Kerberos Ticket
  • Date: Wed, 23 Mar 2005 12:39:57 -0500

Quoting Scott Cantor
<>:

> > Relace Kerberos Ticket by SAML Assertion may not feasible. Ok, but using
> > publickey is really slow down performce of the system. And I really like
> > the security model of Kerberos with the use of symmetric key. I
> > will think about defining the format of Kerberos based on XML.
>
> SAML has no notion of public key or anything else. If your confirmation or
> HMAC key is symmetric, than there's no PKI involved.

How do you do your symmetric key exchange? In particular, how do you get the
shared secret between the subject (the user) and the SP (the service)?

> -- Scott

-derek

--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH


PGP key available




Archive powered by MHonArc 2.6.16.

Top of Page