[Security] client-to-client security :: Summary and todo's - SAML added

Johansson Olle E oej at edvina.net
Sat Aug 23 09:26:42 CDT 2008

Thanks for all the feedback on the summary. Keep discussing and I'll  
try to update the summary tomorrow and see how that goes.

One thing I want to add myself is SAML/Shibboleth. SAML 2 is an  
authentication system that is the basis for many authentication systems,
especially OpenID and Shibboleth2. Shibboleth 2 is created in the  
Internet2 project and is used in the academic world, where  
universities build large federations for logging in and roaming, not  
only to WiFi networks, but also to web based systems. There is work to  
enhance this a get it used outside of the Web based single-sign-on.

I just saw a paper on how to use SAML authentication in SIP, and I'm  
pretty sure ideas and questions about it will soon arrive on this  
mailing list too. Anyone with ideas or feedback on this?

So SAML 2.0 and XMPP is someting that may affect authentication here  

(The last sentence mostly a note to please search engines, he he).


More information about the Security mailing list