[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [saml-dev]
> 3.Use the same SSO Assertion as received during the SSO, > which also holds the attribute statement as the Evidence, but then this > may have expired. We could keep the expiration range to be long enough so > that the assertion is alive for the whole round trip demo. FWIW, as a general issue outside of your interop event, I had presumed that if one wanted to include attributes with the SSO bundle, one would create a second assertion to contain the attribute statement, so that it could be made long lived (relatively) without affecting the SSO assertion. In the POST profile, this is simple, since the response can just carry both assertions at once. I guess with artifact, you'd send along two artifacts? It was a 1:1 artifact:assertion correspondence that was intended, I think. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC