Android Application Question
mboorshtein at gmail.com
Wed Jan 4 16:38:24 EST 2017
> The problem is that scaling RPs without giving up authenticating them
> requires public keys and trust management. They have not accepted that and
> the RPs will never support it. Thus, no scaling. Of course, if you
> eliminate authentication of the RP, yes, you can do it. Lots of people,
> probably most, are fine with that.
Got it. I guess it depends on the situation. All our RPs are via SAML and
we require signed authn requests. We just use OIDC for authenticating
users back to their primary source.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the users