[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] PE2 and <ArtifactResolutionService>
Okay. I guess, otherwise, it would have been mentioned in the Artifact profile too, and in SAMLBind (strengthening the advice there on how Metadata could be used along with the EndpointIndex). The text in SAMLProf at para (Line 639), however, is just another bare statement in the conjunction set that is the specification ... unlike all the other appearances of Metadata uses, including in the numbered Metadata sections, each use/para of which is couched in a bed of SHOULD/MAY conditionals and non-normative text. Perhaps that "if you do use it" text you mention should be added there (e.g. if the artifact issuer does use metadata as specified in [SAMLMeta])? What do you think, as well, of adding in SAMLMeta text some text about this in SSODescriptorType, for any entity delivering requests or responses using HTTP Artifact ... in parallel to the way SingleSignOnService is couched, wrt to any SAML authority that supports the Authentication Request protocol (aka IDP)? --Nick > -----Original Message----- > From: Scott Cantor [mailto:cantor.2@osu.edu] > Sent: Monday, June 13, 2005 07:51 AM > To: 'Nick Ragouzis'; security-services@lists.oasis-open.org > Subject: RE: [security-services] PE2 and <ArtifactResolutionService> > > > > For this particular case, the requirement is declared in > > SAMLProf., Section 4.1.6., Line 639: > > > > "If the request or response message is delivered using the HTTP > > Artifact binding, the artifact issuer MUST provide at least one > > <ArtifactResolutionService> endpoint element in its metadata." > > > > It's the only required use of MD I could find, btw. > > It doesn't require you use metadata, it's just in the section > on use of metadata and is simply pointing out that if you do > use it, you'd have to supply such an endpoint in that case. > > -- Scott > > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that > generates this mail. You may a link to this group and all > your TCs in OASIS > at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgr > oups.php > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]