Comment #10 on issue 28 by MaryRT...@gmail.com: Security http://code.google.com/p/ogf-nsi-project/issues/detail?id=28 The attached note was written to explain why SAML attributes for the originator of a connection request were added to the NSI schema. It is intended to be background information for a security discussion on the Nov. 2 phone call. It tries to clarify the usages of SAML attributes and points out the trust issues that are raised by their use as a basis for provider authorization. I think that the determining factor as to whether plain SAML attributes are useful, needed or insufficient is the authorization requirements of the operators that are providing the network resources. Attachments: SAMLinNIS.rtf 30.8 KB