Integration of Dynamic Automated Metadata Exchange into the SAML 2.0 Web Browser SSO Profile
draft-poehn-dame-06
Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
---|---|---|---|
Authors | Daniela Pöhn , Stefan Metzger , Wolfgang Hommel , Michael Grabatin | ||
Last updated | 2016-12-30 (Latest revision 2016-06-28) | ||
RFC stream | Independent Submission | ||
Intended RFC status | Informational | ||
Formats | |||
Stream | ISE state | Submission Received | |
Consensus boilerplate | Unknown | ||
Document shepherd | (None) | ||
IESG | IESG state | Expired | |
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
This document specifies the integration of Dynamic Automated Metadata Exchange (DAME) through an intermediate trusted third party into the Security Assertion Markup Language (SAML) 2.0 Web Browser SSO Profile. The user-triggered, on-demand, and fully automated metadata exchange between identity provider (IDP) and service provider (SP) is intended for scenarios in which the a-priori, e.g., federation-based exchange of SAML metadata is neither practical, scalable nor mandatory for non-technical aspects, such as contract-based trust building between IDP and SP. The main benefit of DAME is the removal of waiting times for users and manual setup tasks for IDP and SP administrators before users can access the service. Implementations of DAME can leverage existing metadata repositories, such as REEP, and metadata transfer protocols, such as MD Query.
Authors
Daniela Pöhn
Stefan Metzger
Wolfgang Hommel
Michael Grabatin
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)