[Security] client-to-client security :: Summary and todo's - SAML added
Johansson Olle E
oej at edvina.net
Sat Aug 23 09:26:42 CDT 2008
Thanks for all the feedback on the summary. Keep discussing and I'll
try to update the summary tomorrow and see how that goes.
One thing I want to add myself is SAML/Shibboleth. SAML 2 is an
authentication system that is the basis for many authentication systems,
especially OpenID and Shibboleth2. Shibboleth 2 is created in the
Internet2 project and is used in the academic world, where
universities build large federations for logging in and roaming, not
only to WiFi networks, but also to web based systems. There is work to
enhance this a get it used outside of the Web based single-sign-on.
I just saw a paper on how to use SAML authentication in SIP, and I'm
pretty sure ideas and questions about it will soon arrive on this
mailing list too. Anyone with ideas or feedback on this?
So SAML 2.0 and XMPP is someting that may affect authentication here
(The last sentence mostly a note to please search engines, he he).
More information about the Security