« Design for Failure | Main | Learning from EAs: The EA Bill of Responsibilities »



How does SAML 2.0 compare to WS-Federation in terms of encapsulating past requirements?


Is it too many standards the problem or too complex ones to develop and review for security ?

Don't you think that the major drawbacks of all these standards is their architecture and design complexity, because they want to address a too large scope ?

Don't you think that more simple and "targeted" protocols would be easier to conceive and review for security flaws ?


The comments to this entry are closed.