[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] Subject in the AuthRequest.
> If from I guess its policies the IDP allow the key, would > then build an assertion (after authentication) with the same > subject+confirmation as specified in the request (is this a > MUST/MAY or SHOULD)? It's a MUST, but not a testable MUST. The confirmation has to be "equivalent". I could specify ds:KeyName of "Foo" and get back a literal key that is understood to be the same. All interop ends at ds:KeyInfo. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]