This page needs to document SSO or it will be removed!!!! Please try to read this !

What is it?

External links:

• http://en.wikipedia.org/wiki/Single_sign-on

  • The Wikipedia Article says nothing about SSO using SSL-Client-Certificates. I still don't know how to handle the SSO option offered by CaCert. Is there a more fitting description of the technique CaCert is offering for single sign on?

    PaulHaensch

    • No, see text below =>  * No documented uses.  * No documentation for how to use (just look at this page for instance)

      u60

CAcert's SSO current and future implementations

Reasons to Keep SSO:

• Login ID is unique irrespective of certificate

Reasons to remove current SSO implementation:

• SSO ID's not guaranteed to be unique

• not currently RFC5280 compliant

• No documented uses.
• No documentation for how to use (just look at this page for instance)
• CPS needs to reflect SSO correctly to pass audit

• We have had good success in using ClientCerts for SSO purposes.

Proposed SSO changes:

• SSO IDs are queried by applications based on a the client certificate

• Alternate fields to place SSO in - fixes RFC5280 non-compliance

Documented users of SSO:

• (None)

Decisions impacts documentation

• CPS policy

Note: The SSO WIKI Entry link on

• https://www.cacert.org/account.php?id=3 and

• https://secure.cacert.org/account.php?id=3

points to this page... Better change that before removing this entry.

Also links about SSO can be found:

• https://wiki.cacert.org/HELP/0

• https://wiki.cacert.org/HELP/9

• describes how to configure and program a CAcert client cert login like procedure (no SSO)

• CategorySoftware

• CategoryDeprecated