[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] errata: misuse of strongly matches
On 10/24/06, Scott Cantor <cantor.2@osu.edu> wrote: > > The text on lines 1949--1953 satisfies the 80-20 rule, surely. There > > are some cases that are not covered, however. For instance, I don't > > think it makes sense to compare <BaseID> with <NameID>. > > No, but that's not allowed by that text, unless you think that satisfies the > meaning of "identical". I agree with your definition of "identical" but I think it only applies to two elements of type NameIDType (after decryption of course). I don't know what it means for two elements of type BaseIDAbstractType to be identical, let alone two elements of type AssertionType. There's also the issue of the Format attribute. The <NameID> element defaults to Format "unspecified", so what if one element has no Format attribute and the other is "unspecified"? Two such <NameID> elements might be called equivalent. Is equivalence good enough on lines 2600--2601 of SAMLCore and 1299--1301 of SAMLProf? Tom
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]