[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: saml-dev RE: [saml-dev] Question about the base64 encoding inBrowser/POST profile
> > The questions I have are about base64 and whether any of that is > > affected by character encoding. > > No, it's just arbitrary bytes to base64; it doesn't know if > it's UTF8, UTF16, Shift-JIS, gb-xxxx, etc. I don't think there's a major issue then. The XML in the POST profile must be signed before encoding it, so in the general case, most people are probably base64-encoding a c14nized document, which is UTF-8. We should probably just add text to the profile that mandates that. > I believe the problem is that the SAML schema doesn't allow > you to say *which* encoding is used. There is no use of base64 in the schema apart from ds:KeyInfo/ds:Signature, in which case it should be dealt with there. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]