shibboleth-dev - Re: Draft Holder-of-Key Web SSO Profile
Subject: Shibboleth Developers
List archive
- From: "Tom Scavo" <>
- To:
- Subject: Re: Draft Holder-of-Key Web SSO Profile
- Date: Sun, 17 Feb 2008 14:45:19 -0500
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=uCwibto2Ze05LwGNjgYJ1hse5/psO7RP2GYX3IFszRdfeK16Phr8wIRpJ/iq7qJgLdebpzIOUc4m+wpTyvAKaCe4IWOVxiBA4BPTTyUSFxwNj9tgzs0/iHaiKSSwoxD7YaWwcMuTGwm2L9u+IhdguIo8sD7KN9xwa35JSrHq2y8=
On Feb 17, 2008 6:09 AM, Nate Klingenstein
<>
wrote:
>
> SAML can be bound to
> protocols other than HTTP, e.g. SIP, but I don't know if these
> bindings have been standardized or implemented. They're definitely
> not the primary use case.
I don't know about SIP, but I can tell you we continue to bind SAML to
X.509 certificates with good success. We are preparing to roll this
out to TeraGrid sites later this month, as a matter of fact.
> On top of vanilla HTTP, there's SOAP, for
> which there might already be options for this sort of integration of
> transit-layer security using SOAP with WS-Trust and ID-WSF.
One of the advantages of binding SAML to X.509 is that such tokens can
be used at both the transport level and the message level. If your
application supports WS-Security X.509 Token Profile, it automatically
supports X.509-bound SAML tokens.
Tom
- Draft Holder-of-Key Web SSO Profile, Nate Klingenstein, 02/14/2008
- Re: Draft Holder-of-Key Web SSO Profile, Diego R. Lopez, 02/15/2008
- RE: Draft Holder-of-Key Web SSO Profile, Scott Cantor, 02/15/2008
- Re: Draft Holder-of-Key Web SSO Profile, Diego R. Lopez, 02/16/2008
- Re: Draft Holder-of-Key Web SSO Profile, Nate Klingenstein, 02/17/2008
- Re: Draft Holder-of-Key Web SSO Profile, Diego R. Lopez, 02/17/2008
- Re: Draft Holder-of-Key Web SSO Profile, Nate Klingenstein, 02/17/2008
- Re: Draft Holder-of-Key Web SSO Profile, Diego R. Lopez, 02/16/2008
- RE: Draft Holder-of-Key Web SSO Profile, Scott Cantor, 02/15/2008
- Re: Draft Holder-of-Key Web SSO Profile, Tom Scavo, 02/15/2008
- Re: Draft Holder-of-Key Web SSO Profile, Nate Klingenstein, 02/16/2008
- Re: Draft Holder-of-Key Web SSO Profile, Tom Scavo, 02/16/2008
- Re: Draft Holder-of-Key Web SSO Profile, Nate Klingenstein, 02/17/2008
- Re: Draft Holder-of-Key Web SSO Profile, Tom Scavo, 02/17/2008
- Re: Draft Holder-of-Key Web SSO Profile, Diego R. Lopez, 02/17/2008
- Re: Draft Holder-of-Key Web SSO Profile, Tom Scavo, 02/17/2008
- Re: Draft Holder-of-Key Web SSO Profile, Nate Klingenstein, 02/17/2008
- Re: Draft Holder-of-Key Web SSO Profile, Tom Scavo, 02/16/2008
- Re: Draft Holder-of-Key Web SSO Profile, Nate Klingenstein, 02/16/2008
- Re: Draft Holder-of-Key Web SSO Profile, Diego R. Lopez, 02/15/2008
Archive powered by MHonArc 2.6.16.