[Security] client-to-client security :: Summary and todo's - SAML added

Pavel Simerda pavlix at pavlix.net
Sat Aug 23 10:10:53 CDT 2008


On Sat, 23 Aug 2008 16:26:42 +0200
Johansson Olle E <oej at edvina.net> wrote:

> Thanks for all the feedback on the summary. Keep discussing and I'll  
> try to update the summary tomorrow and see how that goes.
> 
> One thing I want to add myself is SAML/Shibboleth. SAML 2 is an  
> authentication system that is the basis for many authentication
> systems, especially OpenID

I haven't found a word about SAML in

http://openid.net/specs/openid-authentication-2_0.html

> and Shibboleth2. Shibboleth 2 is created
> in the Internet2 project and is used in the academic world, where  
> universities build large federations for logging in and roaming, not  
> only to WiFi networks, but also to web based systems. There is work
> to enhance this a get it used outside of the Web based single-sign-on.
> 
> I just saw a paper on how to use SAML authentication in SIP, and I'm  
> pretty sure ideas and questions about it will soon arrive on this  
> mailing list too. Anyone with ideas or feedback on this?
> 
> So SAML 2.0 and XMPP is someting that may affect authentication here  
> too.
> 
> (The last sentence mostly a note to please search engines, he he).
> 
> /O


-- 

Web: http://www.pavlix.net/
Jabber & Mail: pavlix(at)pavlix.net
OpenID: pavlix.net


More information about the Security mailing list