OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [saml-dev] Subject confirmation.

> So the profile defines the semantics.

Of subject confirmation, yes. That shouldn't be news to anybody. If it is,
the spec probably needs improvement, but the section in profiles on it says
this right up front.

Also, note the original point of audience conditions was to indicate
"agreements" under which the assertion was issued. There's nothing ambiguous
about it, IMHO. Arguably, many/most assertions should carry an audience of
that nature just to be explicit, but the SSO profile has always left it
implicit.

> It's like the small print in a  
> contract. If entities are contractually associated via some profile  
> then the semantics are really important, especially considering  
> SAML's banking pedigree.

Banking pedigree?

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]