[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: How does an artifact issuer "authenticate" the sender of the <ArtifactResolve> message?
Hi Folks, In section 3.6.5.2 of the Binding’s
specification it says: If the actual SAML protocol message is intended for a
specific recipient, then the artifact’s issuer MUST authenticate the
sender of the subsequent <ArtifactResolve> message before returning the
actual message. Question: how does an artifact issuer “authenticate
the sender” of the <ArtifactResolve> message? There doesn’t
seem to be anything within an <ArtifactResolve> message for
authentication. Thanks. /Roger |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]