Skip to Content.
Sympa Menu

edugain-discuss - Re: [eduGAIN-discuss] FIDO2 and SSO?

edugain-discuss AT lists.geant.org

Subject: An open discussion list for topics related to the eduGAIN interfederation service.

List archive

Re: [eduGAIN-discuss] FIDO2 and SSO?


Chronological Thread 
  • From: Leif Johansson <leifj AT sunet.se>
  • To: edugain-discuss AT lists.geant.org
  • Subject: Re: [eduGAIN-discuss] FIDO2 and SSO?
  • Date: Wed, 27 Feb 2019 15:36:45 +0100
  • Authentication-results: prod-mail.geant.net (amavisd-new); dkim=pass (2048-bit key) header.d=sunet-se.20150623.gappssmtp.com

On 2019-02-27 15:23, Peter Schober wrote:
> * Leif Johansson <leifj AT sunet.se> [2019-02-27 14:36]:
>> You don't need much server-side to do WebAuth. All you have to do is
>> to store a public key somewhere in your user store. You can probably
>> figure that out without handholding :-)
>
> Not sure most IDPs have a deployed a writable user store?

You don't need that. All you need is for your registration page to
have write access to the user store - or something adjacent to it.
shib could certainly multiplex multiple datastores here

> (One of the reasons people fail to [properly] support non-reassigned
> identifiers, which happen to be the only ones left going forward,
> i.e., subject-id and pairwise-id.)
>
> -peter
>




Archive powered by MHonArc 2.6.19.

Top of Page