@MiodVallat access control as an identity-centric rather than resource-centric concept
@bascule Resource-centric views are easily converted to Identity-centric views. The world order used/depicted by SAML makes sense. (2/2)
@MiodVallat except implementation flaws hurt you every step of the way and add to attack surface (see OP). Capabilities are opaque
@bascule Implementation flaws only mean that the standard is not as easy to implement as expected. (1/3)
@bascule It makes sense if you consider an IdP as a collection of resources, i.e. coarse-grained authentication. (1/2)