OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [saml-dev] the value of AuthnInstant

> I don't think this leaves much to deployment/implementation
> interpretation.

Since the SAML 1 text was largely identical and it was explicitly stated to
me on many occasions that this was up to interpretation, I don't know what
else to tell you.

I'm not trying to argue it isn't reasonable to be more explicit, but it does
burden implementations a bit.

It's a plain fact that older IdPs varied on this, partly because there was
no AuthenticationMethod called out to say "reused a session" and we often
just re-sent the original method. Whether the timestamp got updated or
preserved was entirely dependent on whether the IdP had any way to remember
it or not. Some did, some didn't (and no, the one I worked on did not, at
least not by default).

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]