Shibboleth Developers

["Scott Cantor" <>]

> > I would think so, why wouldn't it? It's not a question of "home" anyway.
I
> > don't know what the relationship of the subject to the issuer is, and I
> > don't really need to, but if I want to know where somebody's AA is, I
can
> > find out any number of ways.
> 
> Sorry, I'm missing something.  If you don't assume the subject and
> issuer are related, how do you determine the AA endpoint location?

When I said "somebody's AA", I was (badly) referring to the issuer as the
somebody, not the subject. As in, if I want to know where the AA for
urn:mace:incommon:osu.edu is, I can use metadata to find it.

My point was just that I don't like attaching labels like "home" to the
relationship between a subject and an IdP. All I know is that the IdP issued
an assertion about the person.

-- Scott