Re: [security-services] Groups - sstc-saml-holder-of-key-browser-sso-draft-03.odt (sstc-saml-holder-of-key-browser-sso-draft-03.odt) uploaded - Tom Scavo - org.oasis-open.lists.security-services

12 messages in org.oasis-open.lists.security-servicesRe: [security-services] Groups - sstc...

From	Sent On	Attachments
nd...@internet2.edu	Jun 16, 2008 11:13 pm
Scott Cantor	Jun 17, 2008 8:17 am
Tom Scavo	Jul 1, 2008 12:02 pm
Scott Cantor	Jul 1, 2008 12:40 pm
Tom Scavo	Jul 1, 2008 6:07 pm
Scott Cantor	Jul 1, 2008 7:00 pm
Tom Scavo	Jul 5, 2008 6:27 am
Scott Cantor	Jul 5, 2008 9:42 am
Tom Scavo	Jul 14, 2008 6:58 am
Scott Cantor	Jul 14, 2008 8:15 am
Tom Scavo	Jul 14, 2008 11:28 am
Scott Cantor	Jul 14, 2008 11:41 am

Subject:	Re: [security-services] Groups - sstc-saml-holder-of-key-browser-sso-draft-03.odt (sstc-saml-holder-of-key-browser-sso-draft-03.odt) uploaded
From:	Tom Scavo (trsc...@gmail.com)
Date:	Jul 1, 2008 6:07:21 pm
List:	org.oasis-open.lists.security-services

On Tue, Jul 1, 2008 at 3:40 PM, Scott Cantor <cant...@osu.edu> wrote:

My argument is the same as it was originally. I don't think it serves either use case to attempt one profile that addresses SSO with a browser and stand-alone clients. They share commonality and they also have significant differences. I would leave it to implementations to decide how to overlap them.

As far as I can tell, a profile for a stand-alone client (which doesn't exist of course) would be a strict subset of the holder-of-key-browser-sso profile. Moreover, the IdP-first subcase of browser SSO is *very* close to the stand-alone client scenario. Thus I don't see much point in having two separate profiles.

Tom

	Start a set with this search
	Include this search in one of my sets
	Exclude this search from one of my sets