Thanks for the pointers. It would be a lot more approachable to do new implementations of cosign if there were a spec document like this one:
http://jasig.github.io/cas/development/protocol/CAS-Protocol-Specification.html One of the key differences between Cosign and CAS seems to be the implementation of separate SSL certificates for Cosign's back-channel. I'm curious what the improvement in security is there. It could be left over from the era when the public sites might not be using https, or it could have a larger benefit that just isn't clear to me yet. -- THOMAS BOUTELL, DEV & OPS P'UNK AVENUE | (215) 755-1330 | punkave.com ------------------------------------------------------------------------------ Dive into the World of Parallel Programming. The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ _______________________________________________ Cosign-discuss mailing list Cosign-discuss@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/cosign-discuss