>>>>> "Scott" == Scott Cantor <[log in to unmask]> writes:
Scott> It seems like your secure tunnel between the home domain and
Scott> the supplicant offers a way to deal with this, but one issue
Scott> is that the thing at the end of the tunnel isn't likely to be
Scott> the IdP, so there's more glue needed.
Another issue is that GSS and EAP basically have no concept of this at
all. You could potentially define a tunneled EAP method for this
conversation but it's definitely going to be ugly and a significant
change to whatever you're looking at.
|