security-services message

Subject: Re: [security-services] comments re sstc-saml-holder-of-key-browser-sso-draft-10

From: "Tom Scavo" <tscavo@ncsa.uiuc.edu>
To: "OASIS SSTC" <security-services@lists.oasis-open.org>
Date: Sun, 11 Jan 2009 12:01:42 -0600

I didn't say that quite right.  Binding support must be two-way
(obviously), so what I'm trying to say is that both parties MUST
support HTTP Redirect and HTTP POST.  On the other hand, I would like
to say that HTTP Artifact is OPTIONAL.

The latter intentionally deviates from the SAML V2.0 conformance spec.
 I believe that support for HTTP Artifact is a quality that
distinguishes full conformance from "lite" conformance.  The latter is
what we should shoot for in this spec, or so I claim.

Comments?

Tom

On Sun, Jan 11, 2009 at 11:22 AM, Tom Scavo <tscavo@ncsa.uiuc.edu> wrote:
> In the HoK Web Browser SSO Profile, what bindings MUST the IdP and the
> SP support for conformance purposes?  I would think that the SP MUST
> support HTTP Redirect while the IdP MUST support HTTP POST.  Does this
> sound reasonable?
>
> Tom
>

References:
- comments re sstc-saml-holder-of-key-browser-sso-draft-10
  - From: "Tom Scavo" <trscavo@gmail.com>
- Re: [security-services] comments re sstc-saml-holder-of-key-browser-sso-draft-10
  - From: "Tom Scavo" <tscavo@ncsa.uiuc.edu>
- Re: [security-services] comments re sstc-saml-holder-of-key-browser-sso-draft-10
  - From: "Tom Scavo" <tscavo@ncsa.uiuc.edu>
- Re: [security-services] comments re sstc-saml-holder-of-key-browser-sso-draft-10
  - From: "Tom Scavo" <tscavo@ncsa.uiuc.edu>
- Re: [security-services] comments re sstc-saml-holder-of-key-browser-sso-draft-10
  - From: "Tom Scavo" <tscavo@ncsa.uiuc.edu>