[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Response Processing
Hi all,
I have a question regarding the Response Processing. The profile standard contains the sections "<Response> Usage" (4.1.4.2) and "<Response> Message Processing Rules" (4.1.4.3). Obviously, the latter section is only relevant for SPs. However, I am wondering what about the former section, is it only relevant for the IDP that is issuing the response? As an example, the section mentions that "If multiple assertions are included, then each assertion's <Subject> element MUST refer to the same principal.". It is clear that the IDP must ensure that when issueing the response. But does the SP also need to check this? Or does section 4.1.4.3 contain the complete processing rules for the SP?
Another issue that was discussed internally refers to multiple assertions in the response (SSO profile). If multiple assertions are present in a response, is it sufficient to rely on the first valid assertion or is it necessary to ensure that all assertions are valid in order to rely on an arbitrary one?
Thanks and best regards,
Torsten
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]