idp.session.consistentAddress and real security implications.

Jeffrey Crawford jeffreyc at ucsc.edu
Mon Apr 25 13:11:37 EDT 2016


We've been getting increasing complaints, especially from mobile users that
move between 4G/3G and wifi, that they are loosing their IdP SSO sessions.

Therefore I've been asked to get some concrete data about how much security
consistentAddress adds to the IdP sessions, or in other words how much
security we lose be disabling it.

Thanks

Jeffrey
​C​.

Both pilots and IT professionals require training and currency before
charging into clouds!
---------------------------------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20160425/30527993/attachment.html>


More information about the users mailing list