I will state upfront that I know less about diameter than I do about Radius so the questions I have are to be taken with that grain of salt.
1. Is it possible to include a more general SAML query than just an authorization request in a DER message? Specifically, I would like to be able to query for a set of attributes about the entity that was authorized as oppose to get the fact they are authorized. 2. Does Diameter give any way of sending the keys around that are to be used for doing the xml encryption operation? I understand that diameter is more point-to-point than RADIUS but I do not know that to be a fact. Does this mean that there is more likely to have end-to-end signing and encryption capabilities present? 3. Is there a concept of proxies that sit on boundaries that could modify the SAML constructs to deal with mapping of attributes? Jim _______________________________________________ abfab mailing list [email protected] https://www.ietf.org/mailman/listinfo/abfab
