OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [security-services] Tech Overview outstanding issues


On 10/6/06, Philpott, Robert <rphilpott@rsasecurity.com> wrote:
> Ummm... just after the Issuer element of the samlp:Response, the example
> says:
>     <!-- a POSTed response MUST be signed -->
>
> When using the POST binding with the SSO profile, it isn't the
> samlp:Response that must be signed.  Per Profiles section 4.1.4.5, it is
> the enclosed saml:Assertion that must be signed.

Yes, Rob, that appears to be the case.  Thanks for pointing that out.
I'll fix it on my end.

Tom Scavo
NCSA/University of Illinois


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]