metadata-support - Re: [Metadata-Support] port numbers in metadata
Subject: InCommon metadata support
List archive
- From: Ian Young <>
- To:
- Subject: Re: [Metadata-Support] port numbers in metadata
- Date: Thu, 7 Jul 2016 13:33:21 +0100
> On 7 Jul 2016, at 13:24, Tom Scavo
> <>
> wrote:
>
> Other than being completely atypical, is there a good reason not to do this?
Same reason as back-channel stuff tends to cause trouble, which is that
firewalls can block that port. As well as being a problem you'd need to fix
at the IdP side, you need to be prepared to deal with odd firewall behaviour
at any location a client tries to authenticate from, where with the back
channel it's "only" the firewalls at SP locations.
A minor issue is that if you ever did want the IdP to grow a back channel for
any reason, you'd have to go even more off the reservation as you don't want
to run front and back channel on the same port.
-- Ian
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
- [Metadata-Support] port numbers in metadata, Tom Scavo, 07/07/2016
- Re: [Metadata-Support] port numbers in metadata, Ian Young, 07/07/2016
- RE: [Metadata-Support] port numbers in metadata, Cantor, Scott, 07/07/2016
- Re: [Metadata-Support] port numbers in metadata, Ian Young, 07/07/2016
- RE: [Metadata-Support] port numbers in metadata, Cantor, Scott, 07/07/2016
- Re: [Metadata-Support] port numbers in metadata, Ian Young, 07/07/2016
- RE: [Metadata-Support] port numbers in metadata, Cantor, Scott, 07/07/2016
- Re: [Metadata-Support] port numbers in metadata, Ian Young, 07/07/2016
Archive powered by MHonArc 2.6.19.