Second NewBy Question: Turning Off SAML-1

Chad La Joie lajoie at itumi.biz
Fri Aug 3 12:45:29 EDT 2012 

On Fri, Aug 3, 2012 at 12:40 PM, Henry B. Hotz <hotz at jpl.nasa.gov> wrote:
> This is a Shibboleth list, no?  ;-)  I'm asking about both the IDP and the SP.

It is, but we have about 10 different products so the question as you
initial asked it was a bit imprecise.

> There's obvious stuff in just about all of the various config files.  Since it's a significant clutter, and this setup is brand new, is there any reason to leave any of it in?  Maybe some legacy implementation dependence?

Unfortunately "legacy" tends to stick around for a very long time, so
it will really depend on your environment.  I run the shibboleth.net
IdP though, for example, in SAML 2 only mode but we would not be able
to run the SP in that fashion because we do still have people using
SAML 1 when connecting to it.  So you really just need to look at who
you'll be interoperating with and see if everyone is SAML 2-capable or
can be arm-twisted in to upgrading.

> On Aug 3, 2012, at 8:11 AM, Chad La Joie wrote:
>
>> For which product?  The IdP doesn't care.
>>
>> On Fri, Aug 3, 2012 at 11:07 AM, Henry B. Hotz <hotz at jpl.nasa.gov> wrote:
>>> If I just go wild and delete everything in the standard install config files that references SAML 1, will anything break?
>>> ------------------------------------------------------
>>> The opinions expressed in this message are mine,
>>> not those of Caltech, JPL, NASA, or the US Government.
>>> Henry.B.Hotz at jpl.nasa.gov, or hbhotz at oxy.edu
>>>
>>> --
>>> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
>>
>>
>>
>> --
>> Chad La Joie
>> www.itumi.biz
>> trusted identities, delivered
>> --
>> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
>
> ------------------------------------------------------
> The opinions expressed in this message are mine,
> not those of Caltech, JPL, NASA, or the US Government.
> Henry.B.Hotz at jpl.nasa.gov, or hbhotz at oxy.edu
>
> --
> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net



-- 
Chad La Joie
www.itumi.biz
trusted identities, delivered

More information about the users mailing list