OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Question about evidences

Hi,

I would like to konw what is the interest of evidences.
Here is how I understand the specification :
  - a SAML client sends a request with an evidence inside the query, 
this evidence contains an assertion ID (assertion reference),
  - a SAML server get this assertion ID and retrieve the corresponding 
assertion without control about the assertion ID validity, then it 
returns the assertion in an evidence element inside the statement

Is it correct ?
In which case a SAML client can create a request with an evidence (with 
assertion ID) ? Where this assertion ID can come from ?
The SAML schema allows giving an assertion instead of an assertion ID in 
the evidence on the query. In this case what does the server check ?

Thanks in advance.


Frederic Deleon

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]