[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [security-services] underspecified behavior for AuthenticationQuery ?
Prateek, > > What do you think of weakening lines 519-521 to be: > > The source site MUST not return an assertion if it receives > a <samlp:Request> message from an authenticated destination > site X containing an artifact issued by the source site issued > to some other destination site Y, where X <> Y. > > This is more consistent with our "return no assertion" policy. The new writeup looks good to me. Thanks, Emily
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC