Android Application Question
Marc Boorshtein
mboorshtein at gmail.com
Wed Jan 4 16:38:24 EST 2017
>
> The problem is that scaling RPs without giving up authenticating them
> requires public keys and trust management. They have not accepted that and
> the RPs will never support it. Thus, no scaling. Of course, if you
> eliminate authentication of the RP, yes, you can do it. Lots of people,
> probably most, are fine with that.
>
>
Got it. I guess it depends on the situation. All our RPs are via SAML and
we require signed authn requests. We just use OIDC for authenticating
users back to their primary source.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20170104/9353d2fe/attachment.html>
More information about the users
mailing list