[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: [security-services] Additional verbiage for Section 3.4.4
Mishra, Prateek wrote: > A SAML responder MUST return zero or more assertions in a <Response> > element. This is a bit weird. It MUST do something, one of the options of which is doing nothing? Would it make sense rather to get a little more conceptual? > Each assertion MAY contain one or more statements. > If the responder cannot find any assertions that satisfy the constraints > expressed by the query, > the <saml:Response>/<saml:StatusCode> MUST have value "Success". > It MAY also return a <saml:StatusMessage> with additional information. How about this? "The responder is expected to return assertions that satisfy the constraints expressed by the query. Any assertions returned MUST contain one or more statements. If no assertions satisfy the constraints, the response MUST contain no assertions and its status code MUST have the value "Success". The response MAY also contain a status message with additional information." Eve -- Eve Maler +1 781 442 3190 Sun Microsystems XML Technology Center eve.maler @ sun.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC