OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [saml-dev] HTTP error response code

On 6/2/06, Costello, Roger L. <costello@mitre.org> wrote:
> So the answer to Prasanta's question is:
>    There is no application-to-application interaction pattern specified
>    by the SAML profile specification.  It is up to you to define
>    how things will work.  Thus if the Service Provider receives an
>    assertion that is invalid, you must decide how to handle it.
> Do I understand correctly how new interaction patterns are to be dealt
> with?

Basically, yes.  See the section "SAML Profiles, Bindings, and
Extensions" on the SSTC home page.

> I assume that the profiles described in the profiles specification are
> there because the interaction patterns they depict are common, right?

I'm guessing the limited scope of the SAML profiles spec has been
intentional all along.  Too broad a scope often means nothing ever
gets done. ;-)


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]