logout and misc Qs --shib idp

Tom Scavo trscavo at gmail.com
Mon Nov 5 18:50:47 EST 2012

On Mon, Nov 5, 2012 at 6:41 PM, David Bantz <dabantz at alaska.edu> wrote:
> It even contributes to the
> continued conflation (in my local experience) of SSO with single set of credentials,
> thereby implicitly legitimizing credential relay

I'm not sure I understand either side of this argument. Can you
elaborate a bit more?

> their discomfort with lack of total control
> implicit in trusted third party central authN

If you supported AuthnContext at the IdP, and offered your SPs some
options (such as two-factor authentication), would that make a


More information about the users mailing list