
shibboleth-dev - RE: Fwd: More detailed Grid scenarios

Subject: Shibboleth Developers


  • From: Scott Cantor <>
  • To: "'David L. Wasley'" <>, 'Von Welch' <>
  • Cc:
  • Subject: RE: Fwd: More detailed Grid scenarios
  • Date: Fri, 16 Jan 2004 16:13:37 -0500
  • Importance: Normal
  • Organization: The Ohio State University

> The Shib handle has a lot of built-in defenses against
> replay, etc., so we believe it's pretty trustworthy.

The Shib handle, or the SAML bearer assertion? Please let's make sure our
terminology is clear here.

The handle is a name. It has no replay protection or much of anything else,
and sharing it around freely would mean that any valid requester to an AA
could get attributes about that handle for the life of the handle (we should
be scoping it to a given target, but we didn't, mainly because we didn't
have a language or protocol support to express who the target really is).

I think we're just miscommunicating on the terms, but I want to make sure.
We really need to rewrite the Shib arch doc to just eliminate all this extra
terminology, it's just confusing now. We're SAML, plain and simple. Well,
sort of simple...

-- Scott



