security-services message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: Potential Errata: Session Index on logout
- From: "Conor P. Cahill" <concahill@aol.com>
- To: SAML <security-services@lists.oasis-open.org>
- Date: Fri, 4 Nov 2005 08:23:14 -0500
The language surrounding session index on the <LogoutRequest>
(line 2546) is a bit lacking. I suggest we replace that line with
something along the lines of:
- The index of
the session between the pricipal identified by the subject and the
authenticating authority. This must correlate to the
<SessionIndex> that was present in the <AuthnStatement> of
the assertion used in the session that is being terminated by this
<LogoutRequest>, if any.
I also think we
should require that this be specified by the SP when sending an
SP-Initiated LogoutRequest if the assertion had a SessionIndex in it.
I was unable to find such a statement in the specs.
Conor
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]