[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Groups - sstc-saml-x509-authn-attrib-profile-draft-10-diff.pdf uploaded
> Well that's the point, I guess. Currently, there doesn't seem to be > any way for an endpoint to call out support for one of the X.509 > profiles and NOT support the Assertion Query/Request Profile. In that > sense, EVERY attribute query profile should extend the Assertion > Query/Request Profile. Since that profile doesn't actually constrain much of anything, it's not obvious to me that you don't pretty much have that by definition, assuming by "extend" you also include "restrict" (as in, MUST sign or MUST encrypt or MUST use X mechanism to authenticate, MUST use Format Foo etc.) Otherwise, again, that's what <md:AttributeService> means, and there'd be a different element needed. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]