[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: use of protocolSupportEnumeration
Suppose an IdP has the following role descriptor in its metadata: <md:AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> I would like to add another role descriptor as follows: <md:AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:profiles:query:attributes:X509-basic"> but the metadata spec isn't clear whether or not the protocolSupportEnumeration attribute should contain "urn:oasis:names:tc:SAML:2.0:protocol" in its enumeration. On the one hand, the spec says the latter should always be included, but elsewhere it says two identical role descriptors should not overlap with respect to protocol support. Which is the correct interpretation in this case? Thanks, Tom
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]