Well, I think you may well need SAML rewrite at AAA proxies if you don't
have something like Kerberos.
Attribute remapping at organizational boundaries seems like something
people will want.
But that does not happen at the intermediary AAA proxies, as they are
not interested on the information being transmitted. It should happend
at both ends of the communication, or at a close point. And likely it
will happend once at much for each assertion. Am I wrong?
Regards,
Alejandro
_______________________________________________
abfab mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/abfab
