[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] Subject in the AuthRequest.
"The IdP needs to consider whether or not the requestor is allowed to specify its own key."
If from I guess its policies the IDP allow the key, would then build an assertion (after authentication) with the same subject+confirmation as specified in the request (is this a MUST/MAY or SHOULD)?
If the IdP returns a positive response to the requestor, it MUST include the key in the assertion. If, perhaps for some policy reason, it thinks that it cannot use the specified key, it would have to return an error.
Conor
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]