Jim, >In order to deal with this case, it may be that the EAP server will need >to >provide an anonymous identity to the acceptor that it can later correlate >back to the actual identity of the client. Such a provider could be an >encrypted token.
SAML defines a pseudonymous identifier intended for this use case. This vale would be returned to the acceptor at the end of the Abfab Authentication Profile in a SAML authentication assertion. The acceptor could subsequently use this value to name the subject in a subsequent Abfab Assertion Request. Does that work for your use case? Josh. JANET(UK) is a trading name of The JNT Association, a company limited by guarantee which is registered in England under No. 2881024 and whose Registered Office is at Lumen House, Library Avenue, Harwell Oxford, Didcot, Oxfordshire. OX11 0SG _______________________________________________ abfab mailing list [email protected] https://www.ietf.org/mailman/listinfo/abfab
