-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 12/11/2011 01:13 AM, abfab issue tracker wrote:
> #10: Defintion of federation
>
> version -00
>
> Intro para #3
>
> - I want to make sure that your definition of federation is one
> that you want to make. Specifically it would appear that there can
> be federations even within a single entity in the event that actor
> providing the identity information is not the same as the RP.
> Would you consider a single Kerberos or Windows enterprise to be a
> federation. In these cases the IdP being the login service and the
> RP being somebody granting access to a resource (in windows
> possibly by an RPC). I generally think of federation as being
> between two different entities rather than within a single entity
> but using multiple servers.
>
(Speaking as an individual)
I don't think this is a useful distinction. In terms of "deployment
count" the internal federation is very common. In a large enterprise
internal federations are often the result of M&A and then the amount
and complexity of policy isn't even that different from a federation
between separate parties.
I'd personally close this issue wo change to the text.
Cheers Leif
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk7nNHEACgkQ8Jx8FtbMZncmRwCfXvAL53r+E0VtlDc9NOFTBP7b
cNAAoIUAzJ7vUHMNdAT7c8wgC073ZOBe
=crHn
-----END PGP SIGNATURE-----
_______________________________________________
abfab mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/abfab
