[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: ooops, or error on lines 523-524 of binding
Lines 523-524 of bindings-07 state: >In steps 4 and 5, the destination site, in effect, dereferences the >one or more SAML artifacts in its possession in order to acquire a >>SAML SSO assertion that corresponds to each artifact. Unfortunately, this is a botched correction of an earlier incorrect statement in cs-sstc-bindings-01: 500 - 501 "dereferences the one or more SAML artifacts in its possession in order to acquire a SAML authentication assertion that corresponds to each artifact" Other contexts in bindings-07 make it clear that assertions other than SSO assertions may be passed via artifacts: 550 At least one of the SAML assertions returned to the destination site MUST be an SSO assertion. OR 611 · SAML assertions communicated in step 5 MUST include an SSO assertion. OR 718-721 Exactly one SAML response MUST be included within the FORM body with the control name SAMLResponse; multiple SAML assertions MAY be included in the response. At least one of the assertions MUST be an SSO assertion. A single target description MUST be included with the control name TARGET. ------------------------------------------------------------------- SUMMARY: I am making the editorial recommendation that we remove the word SSO from lines 523-524. It would then read: >In steps 4 and 5, the destination site, in effect, dereferences the >one or more SAML artifacts in its possession in order to acquire a >>SAML assertion that corresponds to each artifact.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]