Shibboleth Developers

["David L. Wasley" <>]

<flame_target asbestos="on">

We've always said the answer to the WAYF is not a security issue 
since a false answer simply results in failure to gain access.  So 
why not let the user give "advice" to the WAYF?

This might work in the following way.  When the user first goes to a 
new resource, the SHIRE (new term?) could look for a parameter of the 
form userhome=<origin_name> - i.e.
   www.jstore.com/shibentry.html?userhome=UC%20Berkeley

This parameter would be passed on to the WAYF and displayed as the 
"default" origin, er, Credential Provider for the user.  I'd guess 
that in 90+% of the cases the user would simply hit RETURN.

If this was supported, then users could "bookmark" the URL (and 
optionally add or even edit the userhome parameter) and then life 
would be good.  They could have bookmarked URLs with different 
userhomes for the various origins that know them, etc.

Just a thought.

</flame_target>

        David