>- applicability - does it identify and solve a problem? I think it does. A specific case it simplifies is coordination of access control in federations.
>- completeness - is there something missing? I'm personally missing scenarios which - use redirection as opposed to proxy mode. IMO, it is beneficial to have the AS operated in 3xx mode for better scalability. - use SAML-by-value, in addition to SAML-by-reference. I personally find the SAML-by-reference quite non-real-time and harder-to-scale too. Perhaps there are arguments why proxy+by/reference is the best thing, but if that's the case I think they should be mentioned in the document. Other things have been tracked but the debates are IMO not yet visible in the spec: - reference of the SAML document to some parts of the initial SIP request so that it is harder to replay SAML permisssions (issue #5) - backwards compatibility with Identity-info (#12) - the by-value scenarios is here actually too .. (#9) -jiri -- Jiri Kuthan http://iptel.org/~jiri/ _______________________________________________ Sip mailing list https://www1.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [EMAIL PROTECTED] for questions on current sip Use [EMAIL PROTECTED] for new developments on the application of sip
