OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: RE: [saml-dev] asynchronous response on SAML over SOAP over HTTP

Title: RE: [saml-dev] asynchronous response on SAML over SOAP over HTTP
Interestingly, though the current SAML bindings are synchronous, the browser/artifact profile assumes bindings may be asynchronous.
Prateek pointed this out to me in person, regarding our thread about whether the notBefore/notOnOrAfter checks are necessary in the browser/artifact profile.  If a synchronous binding was used, and the responder could be trusted only to return timely assertions, then the requestor would not need to do validity-period checking.  This is probably true for any use of a SAML binding, not just the brower/artifact profile.
At the recent Interop, validity-period checking caused problems in parsing and time synchronization.  So maybe we should take advantage of synchronous bindings to avoid these.  A binding spec could say whether it's synchronous or asynchronous, so that profiles could mandate these checks only in the asynchronous case.
Anyways, if this seems reasonable to people, I'd like to submit it as a feature request to the SSTC.  How would I go about this?
-----Original Message-----
From: Hal Lockhart [mailto:hal.lockhart@entegrity.com]
Sent: Monday, July 08, 2002 3:03 PM
To: 'Yuji Sakata'; saml-dev@lists.oasis-open.org
Cc: 'security-services@lists.oasis-open.org'
Subject: RE: [saml-dev] asynchronous response on SAML over SOAP over HTTP

Last week was a holiday for many people in the US.

You are correct that the SOAP Binding is currently only synchronous. The idea was to support a simple, mandatory to implement scheme, to insure basic interoperability. Frankly no one mentioned this as a requirement. Our main focus has been online environments in which an answer is needed immediately.

The SSTC (SAML) is preparing to begin work on new features very soon. It would be good to submit this requirement. Do you have a usecase in mind that would clarify how this capability would be used?


> -----Original Message-----
> From: Yuji Sakata [mailto:ysakata@rd.nttdata.co.jp]
> Sent: Monday, July 01, 2002 3:54 AM
> To: saml-dev@lists.oasis-open.org
> Subject: [saml-dev] asynchronous response on SAML over SOAP over HTTP
> Hi,
> I have a question about SOAP (over HTTP) Binding for SAML.
> In 3.1.3 of [SAMLBind],  SAML Assertion is typically returned
> synchronously on the same HTTP connection by SAML Responder.
> Is it required? I couldn't find the explicit description about this
> issue in 3.1.3 [SAML Bind].
> If synchronous reply is required, does it mean SOAP (over
> HTTP) Binding
> haven't supported asynchronous response (for example, in conjunction
> with ebXML messaging service) yet?
> Regards,
> ----------------------------------------------
> Yuji Sakata (NTT Data Corporation)
> Tel: +81-3-3523-8081
> E-Mail: ysakata@rd.nttdata.co.jp
> ----------------------------------------------
> ----------------------------------------------------------------
> To subscribe or unsubscribe from this elist use the subscription
> manager: <http://lists.oasis-open.org/ob/adm.pl>

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC