[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [saml-dev]
I prefer the simplication of putting the attribute statement within the SSO Assertion. So a single artifact serves just fine. Thanks Bhavna >From: "Mishra, Prateek" <pmishra@netegrity.com> >To: "'Scott Cantor'" <cantor.2@osu.edu>, "'Bhavna Bhatnagar'" <bhavna.bhatnagar@sun.com>, saml-dev@lists.oasis-open.org, afetterer@crosslogix.com >Subject: RE: [saml-dev] >Date: Fri, 10 May 2002 17:51:43 -0400 >MIME-Version: 1.0 > >The browser profile supports transfer of arbitrary number >of artifacts (not really, the URL line tends to get truncated >after 1k+ in many situations). > >If there is a strong preference for two/n distinct artifacts in the demo, we >can certainly revise the interop draft to reflect that. The use of a single >artifact and assertion was intended as a simplification; if this is not the >case, we should remove the constraint. > >- prateek > > >>>-----Original Message----- >>>From: Scott Cantor [mailto:cantor.2@osu.edu] >>>Sent: Thursday, May 09, 2002 11:56 AM >>>To: 'Bhavna Bhatnagar'; saml-dev@lists.oasis-open.org; >>>afetterer@crosslogix.com >>>Subject: RE: [saml-dev] >>> >>> >>>> 3.Use the same SSO Assertion as received during the SSO, >>>> which also holds the attribute statement as the Evidence, but then >>>this >>>> may have expired. We could keep the expiration range to be >>>long enough >>>so >>>> that the assertion is alive for the whole round trip demo. >>> >>>FWIW, as a general issue outside of your interop event, I had presumed >>>that if one wanted to include attributes with the SSO bundle, >>>one would >>>create a second assertion to contain the attribute statement, >>>so that it >>>could be made long lived (relatively) without affecting the SSO >>>assertion. >>> >>>In the POST profile, this is simple, since the response can just carry >>>both assertions at once. I guess with artifact, you'd send along two >>>artifacts? It was a 1:1 artifact:assertion correspondence that was >>>intended, I think. >>> >>>-- Scott >>> >>> >>>---------------------------------------------------------------- >>>To subscribe or unsubscribe from this elist use the subscription >>>manager: <http://lists.oasis-open.org/ob/adm.pl> >>> ________________________________________________________________________ Bhavna Bhatnagar Sun Microsystems Inc. Identity Management group __o Tel: 408-276-3591 _`\<,_ (*)/ (*) ________________________________________________________________________
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC