> perhaps each SSO Domain requiring a different LoA, and having > different expiration policies.
And being able to scope sign out, i.e. log out of services exclusively within a particular domain. I think the features we've discussed are along the lines of brainstorming, but it's worth thinking about and engaging the community with some directed questions to clarify the desirable features and subsequent requirements. I personally think multiple SSO cookies is a bad implementation given the requirements we've discussed, but I don't think we've got a clear picture of all the requirements yet. In any case the notion of support for SSO domains in some flavor, with features we've discussed, should be on the roadmap for CAS4. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
