OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Subject: RE: [security-services] Suggest adding IssueInstant attribute toRequest and Response


>I don't understand this. You were able to capture the orignal request,
but
>you could not see the response? 

Not likely in the case of HTTP, but I suppose its more possible with
something like SMTP where there's a time delay.

More likely you can capture the original response too, but now you have
a lifetime pass (modulo the signing certificate expiring) to get the
latest attributes (as Alice) any time you want them.

It's becoming apparent to me that this case is of sufficiently limited
scope for the current SAML exchanges that nobody is going to worry much
about it, and I can live with that. I still don't see much of a cost
here, but I understand now why it's not in there.

-- Scott



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Powered by eList eXpress LLC