[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [saml-dev] strongly matches
On 10/16/06, Scott Cantor <cantor.2@osu.edu> wrote: > > In the definition of "strongly matches" in section 3.3.4 of SAML2Core, > > is it implied that the SubjectConfirmation/@Method attributes of the > > two Subjects are equal? > > @Method more or less yes This perhaps should be errata. > along with the other simple content, Such as a nested <NameID> element? If so, this, too, should be errata. > but the > actual confirmation data, nope. Quite by design, e.g. "HoK using KeyName > Foo" -> "HoK using X509Certificate" Understood. > > Without this requirement, it seems the condition is untestable. > > It is, at least outside the bounds of a particular deployment. If the above items are made explicit in the spec (errata), at least there's something to test. > "All interop ends at ds:KeyInfo (tm)" Yes, I've used this (trademarked) statement in other conversations (with proper attribution of course :) Tom
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]