[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] Sender Vouches Issues & Alternative Use Cases
Mike Tran wrote on 2009-01-31: > I am looking to see if there is any mechanism in SAML that provides > assurances to a relying party that the subject of a sender vouches > saml assertion did in fact provide the asserting party authority to > make a web service invocation on its behalf. No, because that's the definition of sender vouches. Sender-vouches is the equivalent of "this space intentionally left blank". > In addition, I was > wondering if there is any information on other web service chaining > use cases that does not utilize sender vouches to propagate identity? 99% of them. Most involve holder of key because servers almost always have keys. The only fully specified mechanism for this is Liberty ID-WSF. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]