>>>>> "David" == David Chadwick <[email protected]> writes:
David> The attributes issue, of how the SP's required set is
David> indicated to the IDP(s) and to the user, and user consent and
David> choice (if alternatives exist) is a much bigger issue than
David> the naming of realms. In fact I would say they are
David> orthogonal. It would be nice to address both in ABFAB
Naming of realms is important because if you don't handle it correctly
significant security attacks exist where one RP can get attributes
intended for another or one users attributes can be substituted for
another.
_______________________________________________
abfab mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/abfab
