technical-discuss - [InC-Technical] RE: InCommon Federation with ADFS
Subject: InCommon Technical Discussions
List archive
- From: "Cantor, Scott" <>
- To: Allen Hudson <>, "" <>
- Subject: [InC-Technical] RE: InCommon Federation with ADFS
- Date: Tue, 31 Oct 2017 19:39:33 +0000
- Accept-language: en-US
- Authentication-results: spf=pass (sender IP is 128.146.163.17) smtp.mailfrom=osu.edu; incommon.org; dkim=none (message not signed) header.d=none;incommon.org; dmarc=pass action=none header.from=osu.edu;
- Ironport-phdr: 9a23:S1eFax2EftC27VOfsmDT+DRfVm0co7zxezQtwd8ZseMfK/ad9pjvdHbS+e9qxAeQG96Ku7Qc06L/iOPJYSQ4+5GPsXQPItRndiQuroEopTEmG9OPEkbhLfTnPGQQFcVGU0J5rTngaRAGUMnxaEfPrXKs8DUcBgvwNRZvJuTyB4Xek9m72/q89pDXYAhEniaxba9vJxiqsAvdsdUbj5F/Iagr0BvJpXVIe+VSxWx2IF+Yggjx6MSt8pN96ipco/0u+dJOXqX8ZKQ4UKdXDC86PGAv5c3krgfMQA2S7XYBSGoWkx5IAw/Y7BHmW5r6ryX3uvZh1CScIMb7Vq4/Vyi84Kh3SR/okCYHOCA/8GHLkcx7kaZXrAu8qxBj34LYZYeYP+d8cKzAZ9MXXWpPUNhMWSxdDI2ybIUPAOgAPelEoIfyqEADrQenBQSoGO/j1iNEimHw0KYn0+ohCwbG3Ak4Et4ArnnbttP1NLsVUeCv1KXD0CjNYO9R2Tfh9IjEfA0qrPaQUr1qd8rR1U4vFxnfglmOsoHlOCiV1vkXv2eF8uVgSPuihmg6oA9yujii3toghpXGi44PxV3J9z91zYkoKdGiVUJ3fcKoHINNuyybOIZ6WN4uT31qtSog1LELtpy2cDIXxJkmyRPTc/KHfJaL7x7/UeucJDl1iXZkdb6jghu97FWvx+79W8Sxy1lFtDRJn9zWuX8QyRDe686KQeZn8Ei7wzaAzQXT5/lEIU8qkarbLIYszKYsm5QUrUjOEDb6lkvxgqKYb0kk/fOn5Pr9brXhu5+cK5R7igbjMqQoh8OzG/w4MhIJX2iH5+uzyKHj/Uz+QLVMlPE2lbTZsIzeJcQcoa65ABVZ3Zok6xa6Fzum0dIYkmcbLF9dZR6Lk4fkN0vBLf36F/uyjEmgnC12y/zaIrHtGpDNIWLCkLflc7Z98UlcyA8rwN9D/Z1UDK0BIPXpWkPrqtDVFRg5Mxepw+r9Ftpyy54eVXqVAqCFKKPSrUOI5uU3LumNYo8apDH9K/0g5/7pi381g1gdfbOm3ZcOdHC3AOhpI0WfYXrtntgOC2MKshMjQ+zrk12NTSNTZ22pX68n4jE7CZmmDZvYRoyzmrCB3SG7HoFIaWBcDFCDD2voe5ueV/gSdS2SP5wprjtRfLylRolp9Qyirwj8g+5uLvfY4SoenYji05546/CF0Vl46TF/D8Kc2GiJCm11hWgVXCQe3aZ0pkl4zVHF1rJ3ybQMCdFY5/VIWQ4+cJLd1OdnEMvaWwTKedKMT1DgRc+pV2IfVNU0lpUlakBhHM/mxivI2Da2SfdBnLWNGJsutPj02GPsYctx1iCVh+Eak1A6T54XZiWdjall+l2WXtaRng==
- Spamdiagnosticmetadata: NSPM
- Spamdiagnosticoutput: 1:99
> I am fully aware that InCommon Metadata was unable to be consumed by
> previous versions of ADFS without the aid of third-party
> applications/scripts.
> However, I was wondering if anyone has had any experiences they can share
> with ADFS 4.0? Does it still require third-party support, or does it
> natively
> consume the metadata? How reliable has it been? Any information would
> be much appreciated.
It does not consume it in a manner that is appropriate for the trust model
used by the federation, nor does it apply the metadata in a way that is
known, documented, and clearly consistent with the rules of the profile the
metadata follows.
It is therefore more problematic than if it simply didn't consume it at all.
Known behavior is better than unknown. That's from the point of view of an
IdP operator who has to predict the behavior of the systems using it in
conjunction with my own use of the metadata for describing my system.
-- Scott
- [InC-Technical] InCommon Federation with ADFS, Allen Hudson, 10/31/2017
- [InC-Technical] RE: InCommon Federation with ADFS, Cantor, Scott, 10/31/2017
Archive powered by MHonArc 2.6.19.