security-services message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: Random Overdue Question on SubjectConfirmation
- From: Brian Campbell <bcampbell@pingidentity.com>
- To: security-services@lists.oasis-open.org
- Date: Wed, 16 Jun 2010 12:32:12 -0600
Can anyone explain the rational behind having the MUST NOT on the NotBefore attribute of <SubjectConfirmationData> in the Web Browerser SSO profile (section 4.1.4.2 of saml-core-2.0-os)? It predates me and, though I didn't understand it, I didn't give it too much considereation when I wrote my SAML implementation. However, now I'm looking at profiling the use of a SAML bearer assertion in a different but similar context and I'd like to better understand why the NotBefore was so explicitly disallowed so I can decide if I should follow suit or not.
Thanks for any info,
Brian Campbell
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]