OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [saml-dev] multi-statement SAML assertions


> In SAML V1.1, every statement contains a separate Subject 
> element.  As far as I can tell, there is nothing in the spec 
> that says every statement in an assertion must refer to the 
> same subject.  Am I reading the spec correctly?

That is correct.  However, in practice they all had the same

This actually became a problem with subject confirmations in 
that in some implementations, a particular statement would
have the confirmation but not all, even though they all 
referred to the same subject.  A tight reading of the spec
for such assertions would mean that the other statements
were valid without any need for comfirmation.

In any case, with 1.1 and before, each statement could be
targeted at different subjects.  In 2.0, Subject was moved
to an assertion level element rather than a statement level


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]