RE: [saml-dev] Destination vs. Recipient and signing ofAssertion vs. Response

["Lucas, Mike" <Mike.Lucas@gwl.ca>]

Thanks for the clarifications Scott, I'm completely clear on what is
necessary for our implementation now.

My main misunderstanding was the description of SubjectConfirmation in
SAML-core. After reading your answers to my questions, I think I can
understand it now. For the Web SSO Profile with mandatory Recipient,
it's basically saying "I the asserting party am making an assertion
about Subject A, but my relationship to Subject A -- including my
ability to make assertions for him -- can only be relied upon by
Recipient B. No one else should rely upon this relationship."

Does my paraphrasing make sense?