OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [security-services] Groups - sstc-saml-x509-authn-attrib-profile-draft-10-diff.pdf uploaded


On 8/30/06, Scott Cantor <cantor.2@osu.edu> wrote:
> > So SP metadata (according to this profile) is a MUST?
>
> No, metadata is never a MUST. It's not even really a SHOULD. There are rules
> to follow if you're using metadata. If you're not, you're free to do
> whatever you want.
>
> > While IdP metadata (according to this profile) is a SHOULD?
>
> Same issue. I'm just saying that IdP metadata here is probably usable as is
> in many cases (Ari has made the same point) while I agree with you that
> there really is no obvious way to represent the SP side without an
> extension. But since metadata can be used to exchange information and not to
> automate configuration, you could easily stuff it into SPSSODescriptor and
> plenty of people would get along just fine.

Okay, I'll rewrite the metadata requirements with this in mind.
Thanks to you and Ari for the feedback.

Tom


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]