Allowing sites to renew information
barry at sxip.com
Tue Sep 26 23:21:54 UTC 2006
Good point David, I was referring to school of thought #1. #2 should
certainly be possible with AX as well.
On 26-Sep-06, at 3:58 PM, Recordon, David wrote:
> I think that is slightly different from what Gerv was referring to.
> With Simple Registration, there is nothing stopping a relying party
> requesting the email address with every authentication request. Most
> implementations however don't seem to do this, rather only request
> if they don't have it.
> In a sense, I think there are two schools of thought:
> 1) IdP pushes new data to each RP
> 2) Each RP pulls new data in each authentication request
> In a sense, I think the IdP pushing data is more robust. If you
> your email address in your IdP, I'd imagine it would have tracked what
> RPs you've given it to, and then offer to send the updated address to
> In the end though, I don't think this is something specifications will
> necessarily dictate. Rather I'd hope to see the specs support both
> methods and then implementations choose what is best given their
More information about the specs