technical-discuss - [InC-Technical] Fwd: who needs support for ECP?
Subject: InCommon Technical Discussions
List archive
- From: Nick Roy <>
- To: "" <>
- Subject: [InC-Technical] Fwd: who needs support for ECP?
- Date: Thu, 7 Sep 2017 15:32:41 -0600
- Authentication-results: spf=none (sender IP is ) ;
- Ironport-phdr: 9a23:5S5eBB/ptF4XiP9uRHKM819IXTAuvvDOBiVQ1KB20+8cTK2v8tzYMVDF4r011RmSDNWds6oMotGVmpioYXYH75eFvSJKW713fDhBt/8rmRc9CtWOE0zxIa2iRSU7GMNfSA0tpCnjYgBaF8nkelLdvGC54yIMFRXjLwp1Ifn+FpLPg8it2e2//57ebx9UiDahfLh/MAi4oQLNu8cMnIBsMLwxyhzHontJf+RZ22ZlLk+Nkhj/+8m94odt/zxftPw9+cFAV776f7kjQrxDEDsmKWE169b1uhTFUACC+2ETUmQSkhpPHgjF8BT3VYr/vyfmquZw3jSRMMvrRr42RDui9b9mRgLmiCkZNzA382/ZhcJ/g61ZvB2hpgdyzJTIbIyPLvdyYq3QcNEcSGFcXshRTStBAoakYoUXDuoOIeVYpJThqVsJrRq1GA6hBOX1yj9Phn77xqw60+I9EQ7YxgwgGcwBsGjKoNnvKqgdTP21wbDOwD7eYf1W3jL955LJchAnufyMUrNwcdbRyUkyDAzJlFSQqYv9MzyIzOsCqXOb7+t6We2ylWEqrRx6rDu3xso0l4XFmo0YxkrL+Ch72oo4KsO0RFRmbdK5EZZcrzyWOop4T884XW1luCg3xqcJtJO0ZiQHzJAqyhjCYPKdaYeI+AjsVOOJLDd4mn1lfLW/ig6q/0W8zePwSse53E9XoyVHjNXAr3cN2AfN5cSdTft941uh1i2I1wDO7OFLPFo4lbLBK54m3r4/iIYcsVjCHi/xnkX6lqiWdlg4+uis7OTnZbbmqoWAOI9zjwHyKqUumsqhDuQkKgUCQnSX9Oum2LDs/0D1WrpHguMsnqXErZzXJNwXpqujDA9U1oYj5Qy/DzCj0NkAm3kHNlVFeRKcgojoPVHOPO73De25g1uyjDdn2erKMaP8DZXQNnTDiqvufa5h605Azwo+1dFf55RIBbEGJfLzX0jxtNrCAh8+KQy0zP/rCMlj2YwCWWKPBK6ZP7/Ivl+M/+4gPuiMZJQJtzbgMPgl/OXjjXs4mV8GYampxoUbZGq5HvRgP0WWf2DsgtEfHmcWoAYyVvLlh0CfUW0bW3HnFb4x7TE9CYmvCcLPR5umnaea9Ca9FZpTY2dATFeWHj2gI5mJUPcKaSmbJoptkycPSKO6Y44n3harsQj8jb19IbyH1DcfsMfF1dN2r9fUhFlm8yZzHuyc1X2AVWd5gjlOSjMrivMs6Xdhw0uOhPAry8dTEsZesqtE
- Spamdiagnosticmetadata: NSPM
- Spamdiagnosticoutput: 1:99
|
FYI - it would be good to understand the use of ECP in InCommon.
How many of you use/need ECP? It is included as a MUST for IdPs in
the Kantara SAMLv2.0 Implementation Profile for Federation
Interoperability:
https://kantarainitiative.github.io/SAMLprofiles/fedinterop.html It
is possible that could change if few real use cases exist. Best, Nick -------- Forwarded Message --------
Dear FIM4R people, within AARC2 a very lively and sophisticated discussion has taken place about the question whether SAML ECP should be mandatory or not in a SAML idP software conformance document. Although the main use case of ECP (non-web SSO) can be handled by other technologies such as OAuth2/OIDC, a number of SAML based deployments need ECP. The question is, how high this number is, and the idea came up to ask this list, which I am doing herewith: Who of you think that a proper SAML IdP-Implementation should support ECP and who uses it within their research infrastructure. To start answering the question: In DARIAH we have specified and implemented a Storage API that uses ECP for authentication. A second version of this API also supports OAuth2, thus although we would not need ECP support any more I still think that a SAML document should mandate ECP so that named use cases could be implemented within one technology stack such as SAML. There might be security considerations though that speak against ECP. So now its your turn to answer the question ;-) Cheers Peter -- _______________________________________________________________________ Peter Gietz (CEO) DAASI International GmbH phone: +49 7071 407109-0 Europaplatz 3 Fax: +49 7071 407109-9 D-72072 Tübingen mail: Germany Web: www.daasi.de DAASI International GmbH, Tübingen Geschäftsführer Peter Gietz, Amtsgericht Stuttgart HRB 382175 Directory Applications for Advanced Security and Information Management _______________________________________________________________________ |
- [InC-Technical] Fwd: who needs support for ECP?, Nick Roy, 09/07/2017
- Re: [InC-Technical] Fwd: who needs support for ECP?, Farmer, Jacob, 09/07/2017
- Re: [InC-Technical] Fwd: who needs support for ECP?, Scott Koranda, 09/07/2017
- Re: [InC-Technical] Fwd: who needs support for ECP?, Nick Roy, 09/07/2017
- Re: [InC-Technical] Fwd: who needs support for ECP?, Scott Koranda, 09/07/2017
- Re: [InC-Technical] Fwd: who needs support for ECP?, Farmer, Jacob, 09/07/2017
Archive powered by MHonArc 2.6.19.