[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] A browser/POST question...
Eve- PE20 is the number. I was going to even include the exact text in the disposition. I will publish the errata doc later today. Thanks, Jahan ---------------- Jahan Moreh Chief Security Architect 310.286.3070 > -----Original Message----- > From: Eve L. Maler [mailto:eve.maler@sun.com] > Sent: Friday, May 02, 2003 7:51 AM > To: ''security-services@lists.oasis-open.org ' ' > Subject: Re: [security-services] A browser/POST question... > > > Jahan, can I assume that this will get a PE20 designation in the errata > document now that it seems this has settled down? (I will take that > chance and mention this number in the revision history.) The > disposition would be something like "revised text worked out on the > list, expecting TC approval at next opportunity". Thanks! > > Eve > > Philpott, Robert wrote: > > And if I might tweak the tweak... > > > > Change "subject-containing" to "subject-based"? > > > > Rob Philpott > > RSA Security Inc. > > The Most Trusted Name in e-Security > > Tel: 781-515-7115 > > Mobile: 617-510-0893 > > Fax: 781-515-7020 > > mailto:rphilpott@rsasecurity.com > > > > > > > >>-----Original Message----- > >>From: Eve L. Maler [mailto:eve.maler@sun.com] > >>Sent: Thursday, May 01, 2003 6:50 PM > >>To: ''security-services@lists.oasis-open.org ' ' > >>Subject: Re: [security-services] A browser/POST question... > >> > >>I would editorially tweak as follows (since it would be pretty unusual > >>for there to be real saml:SubjectStatement elements present): > >> > >>Every subject-containing statement present in the assertion(s) returned > >>to the destination site MUST also contain a <SubjectConfirmation> > >>element. The <ConfirmationMethod> element in the <SubjectConfirmation> > >>MUST be set to urn:oasis:names:tc:SAML:1.0:cm:bearer. > >> > >> Eve > >> > >>Mishra, Prateek wrote: > >> > >>>Scott, Rob: > >>> > >>>(1) Thanks for your paitence ! > >>>(2) I finally understood the problem (that took a while!) > >>>(3) I have no problem with the following proposed text: > >>> > >>> > >>> > >>>Does this work? This one is for bearer, but we can update the > >>>artifact-01 > >>>case similarly. It precludes the case I described in my last message, > >>>but I > >>>really am okay with the semantics described here... > >>>------------------- > >>>Every <saml:SubjectStatement> present in the assertion(s) returned to > >>>the > >>>destination site MUST contain a <saml:SubjectConfirmation> element. The > >>><saml:ConfirmationMethod> element in the > <saml:SubjectConfirmation> MUST > >>>be > >>>set to urn:oasis:names:tc:SAML:1.0:cm:bearer. > >>>------------------- > >>> > >>>4) I agree this is kind of goofy overall and probably needs to be > >> > >>revised in > >> > >>>SAML 2.0. For good or bad it was sort of the proposal in 1.0. > >>> > >>> > >>>- prateek > >>> > >> > >>-- > >>Eve Maler +1 781 442 3190 > >>Sun Microsystems cell +1 781 354 9441 > >>Web Technologies and Standards eve.maler @ sun.com > > > > > > -- > Eve Maler +1 781 442 3190 > Sun Microsystems cell +1 781 354 9441 > Web Technologies and Standards eve.maler @ sun.com >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]