Skip to Content.
Sympa Menu

shibboleth-dev - RE: [Shib-Dev] Feedback for Shibboleth 2.2 roadmap

Subject: Shibboleth Developers

List archive

RE: [Shib-Dev] Feedback for Shibboleth 2.2 roadmap


Chronological Thread 
  • From: Peter Williams <>
  • To: "" <>
  • Subject: RE: [Shib-Dev] Feedback for Shibboleth 2.2 roadmap
  • Date: Thu, 26 Feb 2009 07:57:11 -0800
  • Accept-language: en-US
  • Acceptlanguage: en-US
How the idp satisfies the requirement is up to it.in protocol terms, if it
signs a (positive) response it has met the requirement. How it does that, the
sp does not know, and cannot know).

Is there a restriction in the standard that limits forceauthn to a class of
auth scheme with ceetain properties?

Can this be configured in shib idp(inducing sgned errors to be returned for
those not so configured)?

-----Original Message-----
From: André Cruz
<>
Sent: Thursday, February 26, 2009 6:38 AM
To:


<>
Subject: Re: [Shib-Dev] Feedback for Shibboleth 2.2 roadmap


On Feb 26, 2009, at 13:55 , Chad La Joie wrote:

> Well, and that's what I was saying. This doesn't do that. My
> experience has been that a large subset of people who say that also
> store their passwords in their browsers.

I store passwords on my browser, just not on public browsers. I don't
think this goes against what I think about forceauthn. And I don't
think anybody is saying it's full proof, just that it's a little bit
less likely that someone abuses an open session left behind in a
public terminal.

André


Archive powered by MHonArc 2.6.16.

Top of Page