OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

imi-comment message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Comments from J.Durand

Review of specification:
SAML V1.1 Information Card Token Profile V1.0
SAML V2.0 Information Card Token Profile V1.0
------------- comments apply to both specs:
1- Is there any way to notify the behavior of Relying Party w/r to what is accepted / not accepted, e.g.
"Implementations MAY accept claim types encoded using the convention where..."
How is the implementation supposed to communicate that it does not accept these (any error or warning to be generated?)
2- Reading the conformance clause, it sounds like there are 3 conformance targets, not just 2:
(a) Identity Provider implementation
(b) Relying Party implementation
(c) assertions
Since the concept of consistent (or conforming) assertion is so important to
"implementations" (a and b) as these are actually evaluated on their ability to handle such assertions
shouldn't the conf clause also define what a conforming assertion is and more explicitly refer
to the related normative text (which I feel are not just restricted to section 2.3.3. ?)
3- Conformance Clause editorial:
- " A Relying Party implementation conforms to this profile if it can accept assertions consistent with the
normative text of Section 2.4. "
Not only I believe: because the assertions it is supposed to accept are also to be consistent with 2.3.3.
Might be resolved by addressing comment #2.
- Given the very concise wording of the conformance clause, it might be helpful to
clarify that being "consistent with the normative text" actually means that the implementation
only needs to behave consistently with normative statements using MUST / MUST NOT
(as readers might wonder what does it mean to be consistent with a SHOULD statement...).
Jacques D.
Fujitsu America, Inc.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]