[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [saml-dev] SAML2 metadata for a SAML1 IdP
On 7/1/07, Scott Cantor <cantor.2@osu.edu> wrote: > > Sorry, Scott, I'm not understanding you. I'm talking about ordinary > > SAML1 IdP-initiated Browser/POST. What does IdP metadata look like in > > this case? > > Whatever you want it to look like (that's what unspecified means), but I > stand by the original statement. There is no such thing as "ordinary SAML1 > IdP-initiated Browser/POST". You can't get an IdP to respond using thought > waves. Something from the client has to tell it to respond. That's an > AuthnRequest, whatever the form. So what I hear you saying is that a deployment's implementation of Step 1 of the SAML1 browser profile determines the binding. Okay, that makes sense. Let me ask a different question. Does the use of IDPSSODescriptor/SingleSignOnService imply adherence to the four steps of the SAML1 browser profile? In other words, is it wrong to use that descriptor for some other profile? Tom
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]