## page was renamed from SSO '''This page needs to document SSO or it will be removed!!!! Please try to read [[SSO2|this]] !''' = What is it? = External links: . http://en.wikipedia.org/wiki/Single_sign-on {{{ The Wikipedia Article says nothing about SSO using SSL-Client-Certificates. I still don't know how to handle the SSO option offered by CaCert. Is there a more fitting description of the technique CaCert is offering for single sign on? }}} PaulHaensch {{{ No, see text below => * No documented uses. * No documentation for how to use (just look at this page for instance) }}} u60 = CAcert's SSO current and future implementations = Reasons to Keep SSO: * [[https://lists.cacert.org/wws/arc/cacert/2009-06/msg00003.html|Login ID is unique irrespective of certificate]] Reasons to remove current SSO implementation: * [[https://lists.cacert.org/wws/arc/cacert/2009-06/msg00000.html|SSO ID's not guaranteed to be unique]] * [[https://lists.cacert.org/wws/arc/cacert/2009-06/msg00002.html|not currently RFC5280 compliant]] * No documented uses. * No documentation for how to use (just look at this page for instance) * CPS needs to reflect SSO correctly to pass audit * We have had good success in using [[ClientCerts]] for SSO purposes. Proposed SSO changes: * [[https://lists.cacert.org/wws/arc/cacert/2009-06/msg00005.html|SSO IDs are queried by applications based on a the client certificate]] * [[https://lists.cacert.org/wws/arc/cacert/2009-06/msg00001.html|Alternate fields to place SSO in - fixes RFC5280 non-compliance]] Documented users of SSO: * (None) = Decisions impacts documentation = [[https://www.cacert.org/policy/CertificationPracticeStatement.php|CPS policy]] Note: The SSO WIKI Entry link on . https://www.cacert.org/account.php?id=3 and . https://secure.cacert.org/account.php?id=3 points to this page... Better change that before removing this entry. Also links about SSO can be found: . https://wiki.cacert.org/HELP/0 . https://wiki.cacert.org/HELP/9 . describes how to configure and program a CAcert client cert login like procedure (no SSO) ---- . CategorySoftware . CategoryDeprecated