OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [security-services] PE2 and <ArtifactResolutionService>

Okay. I guess, otherwise, it would have been mentioned in the 
Artifact profile too, and in SAMLBind (strengthening the
advice there on how Metadata could be used along with the 
EndpointIndex). 

The text in SAMLProf at para (Line 639), however, is just 
another bare statement in the conjunction set that is the 
specification ... unlike all the other appearances of Metadata 
uses, including in the numbered Metadata sections, each 
use/para of which is couched in a bed of SHOULD/MAY 
conditionals and non-normative text. 

Perhaps that "if you do use it" text you mention should be 
added there (e.g. if the artifact issuer does use metadata 
as specified in [SAMLMeta])?

What do you think, as well, of adding in SAMLMeta text some
text about this in SSODescriptorType, for any entity delivering
requests or responses using HTTP Artifact ... in parallel to 
the way SingleSignOnService is couched, wrt to any SAML authority
that supports the Authentication Request protocol (aka IDP)?

--Nick





> -----Original Message-----
> From: Scott Cantor [mailto:cantor.2@osu.edu] 
> Sent: Monday, June 13, 2005 07:51 AM
> To: 'Nick Ragouzis'; security-services@lists.oasis-open.org
> Subject: RE: [security-services] PE2 and <ArtifactResolutionService>
> 
> 
> > For this particular case, the requirement is declared in 
> > SAMLProf., Section 4.1.6., Line 639:
> > 
> > "If the request or response message is delivered using the HTTP
> > Artifact binding, the artifact issuer MUST provide at least one
> > <ArtifactResolutionService> endpoint element in its metadata."
> > 
> > It's the only required use of MD I could find, btw.
> 
> It doesn't require you use metadata, it's just in the section 
> on use of metadata and is simply pointing out that if you do 
> use it, you'd have to supply such an endpoint in that case.
> 
> -- Scott
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe from this mail list, you must leave the OASIS TC that
> generates this mail.  You may a link to this group and all 
> your TCs in OASIS
> at:
> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgr
> oups.php 
> 
>

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]