On 03/12/2014 03:39 PM, Sam Hartman wrote: >>>>>> "Gabriel" == Gabriel Lopez <[email protected]> writes: > > Gabriel> What's about an initial SAMLAuthRequest from the RP to > Gabriel> the idP (before the EAP exchange) pointing out, for > Gabriel> example, some kind of LoA requirement? I though it was one > Gabriel> of the motivations for the use of SAML here. In this case > Gabriel> there is not a "state" attribute. > > That would be inconsistent with the profile described in section 8. > That would be more consistent with the profile in section 7.
right > There, though, I'd expect the SAML request and EAP message to be in the > same initial access-request. ok, so what would happen if the SAMLAuthRequest has to be fragmented? the first message would include the EAP message? btw, Does It preclude the use of a pre-authorization exchange in this context? Regards, Gabi. > -- Gabriel López Millán, PhD Dept. Information and Communications Engineering (DIIC) Faculty of Computer Science-University of Murcia 30100 Murcia - Spain Telf: +34868888504 Fax: +34868884151 e-mail: [email protected]
0x8D119153.asc
Description: application/pgp-keys
signature.asc
Description: OpenPGP digital signature
_______________________________________________ abfab mailing list [email protected] https://www.ietf.org/mailman/listinfo/abfab
