[prev in list] [next in list] [prev in thread] [next in thread]
List: shibboleth-users
Subject: Re: SAML2 Attribute Query and CryptoTransientId
From: "Cantor, Scott E." <cantor.2 () osu ! edu>
Date: 2011-07-28 22:35:09
Message-ID: CA575BA9.11BF5%cantor.2 () osu ! edu
[Download RAW message or body]
On 7/28/11 5:03 PM, "Tom Poage" <tfpoage@ucdavis.edu> wrote:
>This is what I was using for testing (along with corresponding
>AttributeDefinition):
Ok, just a thought.
>Not a big deal (for me), since we don't use SAML 2 Attribute Query, nor
>Artifact in general.
I don't at all, so it may be there's a bug handling 2.0, though I can't
think why. That code's all far away from any of the SAML version specific
code. I would suggest filing a bug on it for now. I can try it easily
enough once I have a chance.
>That said, we were toying with the idea of reinstating AQ for SAML 1
>(vs. push) cf. the security consideration of pushing unencrypted
>attributes through the client browser (and I've been avoiding Terracotta).
I'm using it now for SAML 1 (we just went production this week).
As an aside, I probably was the last thing resembling a maintainer for the
1.3 IdP, so if somebody out there is still using it, I suggest you find
yourself a sugar daddy to maintain that code.
-- Scott
--
To unsubscribe from this group, send email to
users+unsubscribe@shibboleth.net
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic