El 21/01/11 13:30, Sam Hartman escribió:
"Gabriel" == Gabriel López<[email protected]> writes:Gabriel> so, the idp returns SAML attributes without a SAML Gabriel> attribute query or the RP, in a latter second round-trip Gabriel> sends the SAML attribute query to the idP over RADIUS. Gabriel> That's one of the issues the diagrams should clarify :) I'd like to push back on this a bit. If there's one thing coming out of the attribute provider discussion it is a strong indication of complexity. Let's have the basic abfab architecture not include support for multiple round trip attribute queries. No one has stepped forward to do the work. The current code, GSS EAP spec, GSS naming extensions and semantics of the SAML attributes all need to be extended.
That's what I supposed, and I think should be clarified in the document. Following this approach, the current document proposes to return the attribute statements without sending an attribute query. As far as I understood. Maybe it is a low level detail that should not be mentioned in the document but I think should be clarified.
Best regards, Gabi.
--Sam
-- ---------------------------------------------------------------- Gabriel López Millán Departamento de Ingeniería de la Información y las Comunicaciones University of Murcia Spain Tel: +34 868888504 Fax: +34 868884151 email: [email protected] _______________________________________________ abfab mailing list [email protected] https://www.ietf.org/mailman/listinfo/abfab
