 |
 |
El 23/05/14 11:18, Rhys Smith escribió: > On 23 May 2014, at 09:50, Gabriel López <[log in to unmask]> wrote: > >> Thinking a bit more about it, and the use case you described... >> Would it be possible RP and idP belonging to two different CoIs? If so, >> how the idP knows the right CoI to use? The RP should specify the >> desired CoI beforehand or the idP could issue the same attribute with >> two different values (one for each CoI value), but then the RP should >> check both of them in order to find the right value.... > > As it stands in the world of Trust Router, RPs belong to a single community of interest (IdPs are obviously members of as many as they wish). Reading http://tools.ietf.org/id/draft-mrw-abfab-trust-router-02.txt I can't see an argument about that. Although probably it is not updated. > > So every request for access is always in the context of a particular CoI, so this is not a problem. If this restriction applies then yes. Regards, Gabi. > > Rhys. > -- > Dr Rhys Smith > Identity, Access, and Middleware Specialist > Cardiff University & Janet, the UK's research and education network > > email: [log in to unmask] / [log in to unmask] > GPG: 0x4638C985 > -- -------------------------------------------------------------- Gabriel López Millán Departamento de Ingeniería de la Información y las Comunicaciones University of Murcia Spain Tel: +34 868888504 Fax: +34 868884151 email: [log in to unmask]