OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [saml-dev] How does an artifact issuer "authenticate" the sender of the <ArtifactResolve> message?


> Perhaps one of the things we should do in a future release is to
> add an element in the assertion indicating how the assertion 
> was to be delivered.  This would reduce the usefulness
> of a MiTM getting an assertion as they could no longer use it 
> in a non-artifact delivery. 

Yeah, I can see how that would have been one useful aspect of the old
artifact subject confirmation, and I considered proposing to add that back
late in the process once the binding/profile split had been re-worked to my
satisfaction. If that was the primary reason for having it originally, I
missed it, sorry.

-- Scott



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]