[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] SubjectConfirmation in SAML query
> Does it make sense to include a SubjectConfirmation element in a SAML > query (in particular, AttributeQuery)? The spec does not rule it out, > but I can't imagine what a SubjectConfirmation might mean in a query. What it means isn't really ambiguous, but whether it makes sense is kind of a different question. Just like with an AuthnRequest, if you ask for a particular confirmation then you should get back something compatible. If that isn't sensible to the thing responding, it has to reject the attempt. I believe the use of confirmations is outside the scope of the standard query profile, meaning it isn't addressed or precluded. Since confirmation is essentially how you take a bare assertion and turn it into a security token, I guess a query asking for one would be a query from something that wants to use the assertion as a security token. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]