Kim Cameron writes of Google's failure to scope SAML assertions: But according to the research done by the paper’s authors, the Google engineers “simplified” the protocol, perhaps hoping to make it “more efficient”? So they dropped the whole ID and scope “thing” out of the assertion. All that was signed was the client’s identity. The result was that the relying party had no idea if the assertion was minted for it or for some other relying party. It was one-for-all and all-for-one at Google. While
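The relying-party checks that the dropped ID and scope make possible, as an added example that is not from Cameron's post, the cited paper, or Google's code. It assumes the assertion's signature has already been verified and uses constructed sample assertions with placeholder entity IDs; the "unscoped" sample mirrors the simplified shape the post describes.

```python
import xml.etree.ElementTree as ET
from datetime import datetime
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
NS = {"saml": SAML}

# Constructed sample: a properly scoped assertion (IDs and URLs are placeholders).
SCOPED = f"""<saml:Assertion xmlns:saml="{SAML}" Version="2.0" ID="_a1b2c3">
  <saml:Issuer>https://idp.example/</saml:Issuer>
  <saml:Subject><saml:NameID>alice@example</saml:NameID></saml:Subject>
  <saml:Conditions NotBefore="2024-01-01T00:00:00Z" NotOnOrAfter="2024-01-01T00:05:00Z">
    <saml:AudienceRestriction><saml:Audience>https://sp-one.example/</saml:Audience></saml:AudienceRestriction>
  </saml:Conditions>
</saml:Assertion>"""

# Constructed sample of the "simplified" shape the post describes: only the
# client's identity, no assertion ID and no Conditions/Audience.
UNSCOPED = f"""<saml:Assertion xmlns:saml="{SAML}" Version="2.0">
  <saml:Issuer>https://idp.example/</saml:Issuer>
  <saml:Subject><saml:NameID>alice@example</saml:NameID></saml:Subject>
</saml:Assertion>"""

def _ts(s):
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ")
def check_assertion(xml_text, my_entity_id, now, seen_ids):
    """Relying-party scope checks on an assertion whose signature has ALREADY
    been verified (assumption). `now` is a UTC timestamp string; `seen_ids`
    is the RP's replay cache of accepted assertion IDs. Returns (ok, reason)."""
    root = ET.fromstring(xml_text)
    if root.tag != f"{{{SAML}}}Assertion":
        return False, "not a SAML 2.0 assertion"
    aid = root.get("ID")
    if not aid:
        return False, "no assertion ID: replay cannot be detected"
    if aid in seen_ids:
        return False, "assertion ID already accepted (replay)"
    cond = root.find("saml:Conditions", NS)
    if cond is None:
        return False, "no Conditions: assertion is not scoped to any relying party"
    audiences = [a.text.strip() for a in
                 cond.findall("saml:AudienceRestriction/saml:Audience", NS) if a.text]
    if my_entity_id not in audiences:
        return False, "audience does not include this relying party"
    nb, noa = cond.get("NotBefore"), cond.get("NotOnOrAfter")
    if nb and _ts(now) < _ts(nb):
        return False, "assertion not yet valid"
    if noa and _ts(now) >= _ts(noa):
        return False, "assertion expired"
    seen_ids.add(aid)  # record only after every check passed
    return True, "accepted"
```

Without the ID there is nothing to put in the replay cache, and without the Audience the same signed assertion is accepted by every relying party, which is the failure the post describes.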