shibboleth-dev - Re: comments: draft-mace-shibboleth-arch-protocols-03
Subject: Shibboleth Developers
List archive
- From: Tom Scavo <>
- To: Scott Cantor <>
- Cc: Shibboleth Development <>
- Subject: Re: comments: draft-mace-shibboleth-arch-protocols-03
- Date: Thu, 11 Nov 2004 15:41:20 -0500
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:references; b=eQVQ7hXN4QH6oxlHnMoLeVhhFbPcugjLs9148pvxUs2bsnQ17KMX2R7wxY3d/V4zt9yCNdIJM+KgNCN9w/gauL61uvELrjCSY9msJD11ALYh0y4MbzcUcm397flfBSRMckBz/gOwUe/0ettT4Z3nVZ3MxdTyDZeNB2r/qDOJKoQ=
On Thu, 11 Nov 2004 15:05:42 -0500, Scott Cantor
<>
wrote:
> > There is only one dashed line from User Agent to Identity
> > Provider---it's the bottom half of step 3. This request is required,
> > I think.
>
> Nope, it's not. Processing can start with some combination of step 4-5, no
> request assumed.
I disagree. The SAML 1.1 profiles are pretty clear about step 1,
which is a request from a user's browser. (Obviously, a request must
precede a response.)
> > But there needs to be some way to distiniguish the two authn response
> > profiles in metadata. Is that forthcoming?
>
> That's already in the profile I submitted. We use the SAML profile URIs as
> the endpoint's "Binding". And we use this new URI from Shib as the Binding
> of the SingleSignOnService endpoint, since that's our non-standard profile
> for that step.
Okay, I'll wait to see this new work.
Thanks,
Tom
- comments: draft-mace-shibboleth-arch-protocols-03, Tom Scavo, 11/11/2004
- RE: comments: draft-mace-shibboleth-arch-protocols-03, Scott Cantor, 11/11/2004
- Re: comments: draft-mace-shibboleth-arch-protocols-03, Tom Scavo, 11/11/2004
- RE: comments: draft-mace-shibboleth-arch-protocols-03, Scott Cantor, 11/11/2004
- Re: comments: draft-mace-shibboleth-arch-protocols-03, Walter Hoehn, 11/11/2004
- Re: comments: draft-mace-shibboleth-arch-protocols-03, Tom Scavo, 11/11/2004
- RE: comments: draft-mace-shibboleth-arch-protocols-03, Scott Cantor, 11/11/2004
- Re: comments: draft-mace-shibboleth-arch-protocols-03, Tom Scavo, 11/11/2004
- RE: comments: draft-mace-shibboleth-arch-protocols-03, Scott Cantor, 11/11/2004
- Re: comments: draft-mace-shibboleth-arch-protocols-03, Tom Scavo, 11/11/2004
- RE: comments: draft-mace-shibboleth-arch-protocols-03, Scott Cantor, 11/11/2004
- RE: comments: draft-mace-shibboleth-arch-protocols-03, Scott Cantor, 11/11/2004
- Re: comments: draft-mace-shibboleth-arch-protocols-03, Tom Scavo, 11/16/2004
- Re: comments: draft-mace-shibboleth-arch-protocols-03, Tom Scavo, 11/11/2004
- Re: comments: draft-mace-shibboleth-arch-protocols-03, RL 'Bob' Morgan, 11/11/2004
- <Possible follow-up(s)>
- Re: comments: draft-mace-shibboleth-arch-protocols-03, SCOTT CANTOR, 11/16/2004
- RE: comments: draft-mace-shibboleth-arch-protocols-03, Scott Cantor, 11/11/2004
Archive powered by MHonArc 2.6.16.