[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [security-services] Summary: ISSUE:[MS-5-07: SSO Confirmation] (was:ISSUE: bindings-model-11: SSO Assertion'sConfirmationMethod set toSAMLArtifact?)
This msg is intended to summarize and polish the proposed fixes to bindings-model-11 and core-28 (nee core-27) described in these two messages... ISSUE: bindings-model-11: SSOAssertion'sConfirmationMethod set to SAMLArtifact? http://lists.oasis-open.org/archives/security-services/200203/msg00034.html ISSUE: core-27: section 7.1.1 SAML Artifact http://lists.oasis-open.org/archives/security-services/200203/msg00043.html Here's my revised proposed text.. The change to make to bindings-model-11 is to change lines 525-526 of bindings-model-11 to say.. The <saml:ConfirmationMethod> element of each assertion MUST be set to the value specified in [SAMLCore] for "SAML Artifact", and the <saml:SubjectConfirmationData> element MUST be present with its value being the SAML_artifact supplied to obtain the assertion(s). The change to make to core-28 is to change lines 1799-1800 to say.. The assertion was obtained via the "Browser/Artifact Profile of SAML". The artifact contained in the SubjectConfirmationData is the one used to obtain the assertion. [SAMLBind] JeffH
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC