OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: RE: [saml-dev]

> 3.Use the same SSO Assertion as received during the SSO, 
> which also holds the attribute statement as the Evidence, but then
> may have expired. We could keep the expiration range to be long enough
> that the assertion is alive for the whole round trip demo.

FWIW, as a general issue outside of your interop event, I had presumed
that if one wanted to include attributes with the SSO bundle, one would
create a second assertion to contain the attribute statement, so that it
could be made long lived (relatively) without affecting the SSO

In the POST profile, this is simple, since the response can just carry
both assertions at once. I guess with artifact, you'd send along two
artifacts? It was a 1:1 artifact:assertion correspondence that was
intended, I think.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC