

Subject: Conflict between SAML 2.0 token profile and WS-Trust


The SAML 2.0 token profile currently says:

If a token request does not include a <wst:KeyType> element, the Identity Provider SHOULD assume that an asymmetric proof key is required.

 

This is contrary to the WS-Trust spec, Section 9.2 (Key and Encryption Requirements), which says that in the absence of a <KeyType> element, the key type should default to a symmetric key. I think we should be consistent with that, else we create contradictions.

 

Any disagreement, or shall I file an issue for us to consider on Thursday’s call?

 

                                                                -- Mike

 

P.S.  The WS-Trust spec is at http://docs.oasis-open.org/ws-sx/ws-trust/200512/ws-trust-1.3-os.html.
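
Added example, not part of the original message: a Python sketch that resolves the key type of a WS-Trust 1.3 RequestSecurityToken under each of the two defaults quoted above and flags requests where the two rules disagree. The function names, the rule labels, the sample requests and the TokenType value are constructed for illustration.

```python
import xml.etree.ElementTree as ET

WST = "http://docs.oasis-open.org/ws-sx/ws-trust/200512"
SYMMETRIC, PUBLIC, BEARER = (f"{WST}/{k}" for k in ("SymmetricKey", "PublicKey", "Bearer"))

# Default applied when <wst:KeyType> is absent, per each text quoted in the message.
DEFAULTS = {"ws-trust-9.2": SYMMETRIC, "saml2-token-profile": PUBLIC}

def requested_key_type(rst_xml):
    """Return the KeyType URI stated in the request, or None if the element is absent."""
    root = ET.fromstring(rst_xml)
    el = root.find(f".//{{{WST}}}KeyType")
    return None if el is None else (el.text or "").strip()

def resolve(rst_xml):
    """Resolve the effective key type under both defaults and flag disagreement."""
    stated = requested_key_type(rst_xml)
    resolved = {rule: stated if stated is not None else default
                for rule, default in DEFAULTS.items()}
    return {
        "explicit": stated is not None,
        "recognized": stated in (SYMMETRIC, PUBLIC, BEARER) if stated is not None else None,
        "resolved": resolved,
        # True when the issuer's choice depends on which spec text it follows.
        "ambiguous": len(set(resolved.values())) > 1,
    }

# Constructed sample requests (not taken from the message or either spec).
RST_NO_KEYTYPE = f"""<wst:RequestSecurityToken xmlns:wst="{WST}">
  <wst:RequestType>{WST}/Issue</wst:RequestType>
  <wst:TokenType>urn:oasis:names:tc:SAML:2.0:assertion</wst:TokenType>
</wst:RequestSecurityToken>"""

RST_EXPLICIT = RST_NO_KEYTYPE.replace(
    "</wst:TokenType>", f"</wst:TokenType>\n  <wst:KeyType>{PUBLIC}</wst:KeyType>")

if __name__ == "__main__":
    for name, rst in (("no KeyType", RST_NO_KEYTYPE), ("explicit", RST_EXPLICIT)):
        print(name, resolve(rst))
```

A request reported as ambiguous is one where the requester and the Identity Provider can end up with different proof-key expectations unless the requester states <wst:KeyType> explicitly.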

 



