On 14-Oct-06, at 9:17 PM, Josh Hoyt wrote:
> On 10/14/06, Dick Hardt <[EMAIL PROTECTED]> wrote:
>> Since the request is not signed and flows through the user, the IdP
>> does not know the request message has not been modified. If the IdP
>> assumes the two identifiers are bound, then a malicious user can
>> pretend to be a different user from the
On 14-Oct-06, at 7:36 PM, Recordon, David wrote:
> Dick,
> While it is true that the IdP should still check that they are bound,
> except in the case when it is directly authoritative for both, the RP
> should provide the IdP with what the user entered as a hint to what
> claim the End User is wishing to make. Just sending the non-portable
> identifier, as
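The check the two messages above are arguing about, as an added example that is not part of the thread and not code from any OpenID implementation: an IdP (OP) receives an unsigned checkid request that arrived through the user's browser, so it must not trust the request's own claim that the portable identifier and the non-portable identifier belong together. Instead it performs discovery on the portable identifier and verifies that the discovered provider is this OP and that the discovered local identifier matches the one in the request; only when the OP is directly authoritative for the identifier itself can discovery be skipped. The parameter names openid.claimed_id and openid.identity, the HTML discovery link relations openid2.provider and openid2.local_id, the OP endpoint URL, and the discovery documents are all assumptions made for this example (the thread names none of them); the documents are constructed in memory rather than fetched.

```python
# Added example (not from the thread): an OP/IdP verifying, via discovery,
# that the portable identifier in an unsigned checkid request is really
# bound to the non-portable identifier it names, before asserting it.
# Assumed (not in the thread): OpenID 2.0 names openid.claimed_id and
# openid.identity, and HTML discovery via <link rel="openid2.provider">
# and <link rel="openid2.local_id">. Discovery documents are constructed.
from html.parser import HTMLParser
from urllib.parse import urlparse, urlunparse

OP_ENDPOINT = "https://op.example.com/server"  # this OP's endpoint (assumed)

# Constructed discovery pages a real OP would fetch from the claimed_id URL.
FETCHED_PAGES = {
    "https://alice.example.org/": """<html><head>
      <link rel="openid2.provider" href="https://op.example.com/server">
      <link rel="openid2.local_id" href="https://op.example.com/id/alice">
    </head></html>""",
    "https://carol.example.org/": """<html><head>
      <link rel="openid2.provider" href="https://other-op.example.net/server">
      <link rel="openid2.local_id" href="https://other-op.example.net/carol">
    </head></html>""",
}


class _LinkRelParser(HTMLParser):
    """Collects rel -> href for <link> elements inside <head>."""

    def __init__(self):
        super().__init__()
        self.links = {}
        self._in_head = False

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "head":
            self._in_head = True
        elif tag == "link" and self._in_head and a.get("rel") and a.get("href"):
            for rel in a["rel"].split():
                self.links.setdefault(rel.lower(), a["href"])

    def handle_endtag(self, tag):
        if tag == "head":
            self._in_head = False


def normalize(url):
    """Minimal URL identifier normalization: lowercase scheme and host, default path."""
    p = urlparse(url)
    return urlunparse((p.scheme.lower(), p.netloc.lower(), p.path or "/", "", p.query, ""))


def discover(claimed_id):
    """Return (provider_endpoint, local_id) found at claimed_id, or None if nothing is there."""
    page = FETCHED_PAGES.get(normalize(claimed_id))
    if page is None:
        return None
    parser = _LinkRelParser()
    parser.feed(page)
    # Without an openid2.local_id the claimed identifier is also the local one.
    return parser.links.get("openid2.provider"), parser.links.get("openid2.local_id", claimed_id)


def identifiers_bound(claimed_id, identity):
    """True only if claimed_id is bound to identity under this OP's authority."""
    claimed, local = normalize(claimed_id), normalize(identity)
    if claimed == local:
        # Directly authoritative case: no discovery needed, but the identifier
        # must actually live under this OP (assumed rule: same host as the endpoint).
        return urlparse(local).netloc == urlparse(OP_ENDPOINT).netloc
    found = discover(claimed_id)
    if found is None:
        return False
    provider, discovered_local = found
    return provider == OP_ENDPOINT and normalize(discovered_local) == local


def check_request(params, authenticated_local_id):
    """Decide on an unsigned checkid request for the user logged in as authenticated_local_id."""
    claimed_id, identity = params.get("openid.claimed_id"), params.get("openid.identity")
    if not claimed_id or not identity:
        return "reject: missing identifier"
    if normalize(identity) != normalize(authenticated_local_id):
        return "reject: identity does not belong to the authenticated user"
    if not identifiers_bound(claimed_id, identity):
        return "reject: claimed_id is not bound to identity"
    return "ok"
```

The tampering case from the thread is the second check in identifiers_bound: a user logged in as bob edits the request in transit so that openid.claimed_id is alice's portable identifier while openid.identity stays his own local identifier. Discovery on alice's identifier names alice's local identifier, not bob's, so the request is refused instead of producing an assertion for an identifier bob does not control. The RP-supplied portable identifier is only a hint about which claim the user wants to make; the OP still has to verify the binding itself.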