[Security] client-to-client security :: Summary and todo's - SAML added
Hannes.Tschofenig at gmx.net
Sat Aug 23 10:23:00 CDT 2008
SAML and OpenID are two different solutions for the roughly the same
SAML does not depend on OpenID nor does OpenID depend on SAML.
Pavel Simerda wrote:
> On Sat, 23 Aug 2008 16:26:42 +0200
> Johansson Olle E <oej at edvina.net> wrote:
>> Thanks for all the feedback on the summary. Keep discussing and I'll
>> try to update the summary tomorrow and see how that goes.
>> One thing I want to add myself is SAML/Shibboleth. SAML 2 is an
>> authentication system that is the basis for many authentication
>> systems, especially OpenID
> I haven't found a word about SAML in
>> and Shibboleth2. Shibboleth 2 is created
>> in the Internet2 project and is used in the academic world, where
>> universities build large federations for logging in and roaming, not
>> only to WiFi networks, but also to web based systems. There is work
>> to enhance this a get it used outside of the Web based single-sign-on.
>> I just saw a paper on how to use SAML authentication in SIP, and I'm
>> pretty sure ideas and questions about it will soon arrive on this
>> mailing list too. Anyone with ideas or feedback on this?
>> So SAML 2.0 and XMPP is someting that may affect authentication here
>> (The last sentence mostly a note to please search engines, he he).
More information about the Security