[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Action Items 236 and 231
Was AI 236 ever captured in errata? I can't seem to find it... ::Ari > -----Original Message----- > From: Scott Cantor [mailto:cantor.2@osu.edu] > Sent: Tuesday, October 11, 2005 6:27 AM > To: security-services@lists.oasis-open.org > Subject: [security-services] Action Items 236 and 231 > > > > *0236*: Errata on SSO Response when using HTTP-Artifact > > > > http://lists.oasis-open.org/archives/saml-dev/200509/msg00019.html > > Minor issue, but I suggest we insert a clarifying paragraph > after line 1173 > of Bindings: > > "Finally, note that the use of the Destination attribute in > the root SAML > element of the protocol message is unspecified by this > binding, because of > the message indirection involved." > > > *#0231*: SOAP client cert authn and reln to SAML messages > > My memory of this "issue" isn't great, but I suppose we could > add clarifying > text to section 3.1.2.2 of Bindings by adding a sentence to the first > paragraph: > > "Note that when SSL/TLS authentication is used, an X.509 certificate > presented by a peer is typically used to authenticate > messages produced by > that peer, but the means by which the relationship is > established between > the identity in the certificate and the identity of the peer > is not defined > by SAML." > > Another way to go (arguably better perhaps) is to push all this to the > phantom impl guidelines doc where we can hand wave about PKI > and trust to > our heart's content. > > -- Scott > > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that > generates this mail. You may a link to this group and all > your TCs in OASIS > at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]