OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [saml-dev] Subject in the AuthRequest.

> If from I guess its policies the IDP allow the key, would 
> then build an assertion (after authentication) with the same 
> subject+confirmation as specified in the request (is this a 
> MUST/MAY or SHOULD)?

It's a MUST, but not a testable MUST. The confirmation has to be
"equivalent". I could specify ds:KeyName of "Foo" and get back a literal key
that is understood to be the same.

All interop ends at ds:KeyInfo.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]