[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Potential errata on AuthnContextDeclRef/ClassRef
Agreed - I don't believe I've ever seen anyone even use a AuthnContextDecl. Have you? We've certainly never run across a customer or partner that needed it (and thus don't support it today). Rob Philpott | Senior Technologist | RSA, the Security Division of EMC eMail: robert.philpott@rsa.com | Office: 781.515.7115 | Mobile: 617.510.0893 > -----Original Message----- > From: Cantor, Scott [mailto:cantor.2@osu.edu] > Sent: Friday, June 01, 2012 11:19 AM > To: Philpott, Robert; security-services@lists.oasis-open.org > Subject: Re: [security-services] Potential errata on > AuthnContextDeclRef/ClassRef > > On 6/1/12 11:18 AM, "robert.philpott@rsa.com" > <robert.philpott@rsa.com> > wrote: > > >Yep - it's always seemed common sense to me... include "class" URN's as > >ClassRef elements and put your "custom" declaration reference URI's in > >DeclRef. But since we received an assertion from a new partner site > >(with a custom implementation) that put the URN in the DeclRef, I figured > >I'd check back with you guys before I definitively told them to ask the > >partner to change it. Just wanted to make sure there wasn't some obscure > >use case I had forgotten about. > > That assumes the custom thing was a decl ref. Custom classes are certainly > allowed, and much more common. A decl is pretty unusual. > > -- Scott >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]