[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [no subject]
Combining SLO with NameID termination, we should clarify whether it's explicitly not required for the SP to continue to expect or process SLO messages for an active session following NameID termination. The spec implies pretty strongly that you don't because you can terminate your local session. Second, from AI #207, there was an issue that came up during the IOP that Greg Whitehead relayed to me regarding the need to clarify the behavior expected around the SP AuthnRequestsSigned and the IdP WantAuthnRequestsSigned metadata flags. The lack of a flag at an SP was not intended to imply that an SP would never sign if it had a reason to, and the IdP flag was not intended to somehow create a conflict. You can't resolve the situation policywise if an SP and IdP disagree about whether to sign, the metadata simply might reflect this. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]