Problem configuring and IdP to support anonymous relying parties

Cantor, Scott cantor.2 at
Wed Sep 14 16:45:32 BST 2011

On 9/14/11 11:38 AM, "Jon Warbrick" <jw35 at> wrote:
>Does that make any sense? Is it 'safe' to run with the rules removed for
>DefaultRelyingParty (will attribute release keyed on entityID be safe, for

Can't speak to the rest, but, no, it's not safe. How could it be? You're
letting anybody claim to be anybody. I guess you can do that if you just
release the same attributes to everybody, but not otherwise.

-- Scott

More information about the users mailing list