[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Web SSO <AuthnRequest> conformance
My mistake, I see POST isn't required. Personally, I think it should be. Ultimately, POST is the purest binding with no extra calls or assumptions. Apart from signature support, which is pretty easy now, it's really the simplest. I don't think it's reasonable to assume requests will fit, and 2k isn't even a good guess at a limit. Some devices in some deployments are crazy low (256), so being able to configure it to use something else is important. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]