OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [security-services] Web SSO <AuthnRequest> conformance

My mistake, I see POST isn't required. Personally, I think it should be.
Ultimately, POST is the purest binding with no extra calls or assumptions.
Apart from signature support, which is pretty easy now, it's really the
simplest.

I don't think it's reasonable to assume requests will fit, and 2k isn't even
a good guess at a limit. Some devices in some deployments are crazy low
(256), so being able to configure it to use something else is important.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]