[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Question on PE6 (artifact confirmation methods)
Eve - I *think* you are reading this correctly in that we decide to have a generic identifier for artifact confirmation method. However, I defer to Rob as he is the originator of this item.... Jahan ---------------- Jahan Moreh Chief Security Architect 310.286.3070 > -----Original Message----- > From: Eve L. Maler [mailto:eve.maler@sun.com] > Sent: Tuesday, April 08, 2003 5:41 PM > To: 'security-services@lists.oasis-open.org' > Subject: [security-services] Question on PE6 (artifact confirmation > methods) > > > I'm working my way through the Bindings and Profiles changes now. The > disposition for PE6 in the errata document says: > > "Add a confirmation method ID (artifact) and indicate that either one > can be used for 01, 03, or any other future." > > I couldn't quite parse this and couldn't recall the discussion on > February 18 that led to it. Nor were the minutes particularly helpful. > I think I'm supposed to add a section for a generic artifact > confirmation method, urn:oasis:names:tc:SAML:1.0:cm:artifact, and > explain that either it or the -01 version can be used. But I don't > understand the "01, 03, or any other future" part. I would have thought > that we would deprecate and plan to phase out the numbered version > eventually. ? > > Also, I'm not sure we answered the other question in the erratum, which > says "We should also be explicit as to whether providing the actual > artifact in the ConfirmationData is required, optional, or not permitted > - Which is it?" > > Eve > -- > Eve Maler +1 781 442 3190 > Sun Microsystems cell +1 781 354 9441 > Web Technologies and Standards eve.maler @ sun.com >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]