[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Conflict between SAML 2.0 token profile and WS-Trust
The SAML 2.0 token profile currently says: If a token request does not include a <wst:KeyType> element, the Identity Provider SHOULD
assume that an asymmetric proof key is required. This is contrary to the WS-Trust spec, Section 9.2 (Key and
Encryption Requirements) which says that in the absence of a <KeyType>
element, the key type should default to a symmetric key. I think we
should be consistent with that, else we create contradictions. Any disagreement, or shall I file an issue for us to
consider on Thursday’s call? --
Mike P.S. The WS-Trust spec is at http://docs.oasis-open.org/ws-sx/ws-trust/200512/ws-trust-1.3-os.html. |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]