Shibboleth Developers

At 1:32 PM -0400 9/24/03, Scott Cantor wrote:
>  > maybe using PKI, and presenting a cert, would answer this 
> >  question, too
>
> Well, it doesn't prove anything, really, since the cert's public. If I trust
> the SHAR to not just hand me a cert for fun, it works. The handle scheme
> isn't really secure per se by design, but it puts the onus on a bad SHAR to
> invent a valid handle. In the crypto handle case, that's a fairly secure
> cross check.

hmmm...  so currently the HS provides a "hard to guess, secret value" 
to the target, and the target  uses this to refer to a user, when 
retrieving attributes......

if the target doesn't have such a value, but does have publicly 
available information (eg a userid, a cert), is there a technical 
solution the AA can use to satisfy itself that this is a valid 
request? Or does it have to rely on policy (ie I know this SHAR, and 
it has agreed to behave....)

------------------------------------------------------mace-shib-design-+
For list utilities, archives, subscribe, unsubscribe, etc. please visit the
ListProc web interface at 

   http://archives.internet2.edu/

------------------------------------------------------mace-shib-design--