OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: [OASIS Issue Tracker] Created: (SECURITY-6) Conflict with core inSSO profile on returning error Responses to SP


Conflict with core in SSO profile on returning error Responses to SP
--------------------------------------------------------------------

                 Key: SECURITY-6
                 URL: http://tools.oasis-open.org/issues/browse/SECURITY-6
             Project: OASIS Security Services (SAML) TC
          Issue Type: Bug
          Components: Profiles
    Affects Versions: Version 2.0
            Reporter: Scott Cantor
            Priority: Minor
             Fix For: 2.0 incorporating Approved Errata


Section 3.4.1.4 of Core states that "The responder MUST ultimately reply to an <AuthnRequest> with a <Response> message..." regardless of success or failure.

Section 4.1.3.5 of Profiles reads "Regardless of the success or failure of the <AuthnRequest>, the identity provider SHOULD produce an HTTP response to the user agent containing a <Response> message...".

The conflicting language should be clarified, without imposing the impossible requirement for an IdP to guarantee a response, but to encourage implementers to favor responses and/or provide options to ensure that.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://tools.oasis-open.org/issues/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]