OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [security-services] Moving subjects up to assertions (disregardfirst reply)

> There was considerable debate, a clear motion, and a positive 
> vote during one of the early SAML face-to-face meetings (F2F2 
> or F2F3, I think, well before SAML 1.0 was published) that 
> SAML assertions would *ONLY* be about Principals, and nothing else.
> 
> Not to say we can't change that, but SAML 1.1 is *explicitly* 
> not supposed to support such use cases.

Unfortunately, SAML 1.1 also distinguishes extension points for
SubjectStatement and just Statement, which tends to undermine that
prohibition. At the very least, nothing in the spec makes it clear.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]