...
] Suggest to InCommon that they should consider recommending that sites protect their ECP endpoint on the IdP with X.509 certs. Otherwise there will be as many varieties of protection as there are ECP endpoints.Wiki Markup \[ScottK and all
- Friday morning "ECP Continued" discussion: X.509 may be too limiting. Basic Auth use cases (Live@EDU) are common.
- Multiple ECP endpoints? One for X.509 and one for Basic Auth?
...