Sam there are at least two issues here
1. Ensuring that a claimed name really belongs to the claimant 2. Not having similar names that can confuse users which are you most concerned with? David On 08/11/2013 21:03, Sam Hartman wrote:
"David" == David Chadwick <[email protected]> writes:David> The attributes issue, of how the SP's required set is David> indicated to the IDP(s) and to the user, and user consent and David> choice (if alternatives exist) is a much bigger issue than David> the naming of realms. In fact I would say they are David> orthogonal. It would be nice to address both in ABFAB Naming of realms is important because if you don't handle it correctly significant security attacks exist where one RP can get attributes intended for another or one users attributes can be substituted for another.
_______________________________________________ abfab mailing list [email protected] https://www.ietf.org/mailman/listinfo/abfab
