OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [saml-dev] the value of AuthnInstant

> Yes, I'm being a bit of a pain here, but that about sums up what an
> errata would end up saying.  The spec does call out for specific behavior
> because some parties have ignored it in the past, we're going to add an
> that says you really need to do what the spec says.

I asked the TC way back when what SAML required in this area for SSO and I
was told that it did NOT require this behavior. I don't know what else you
want me to say. You obviously don't agree with the original statement, but
that doesn't change what was said. This was years ago, probably before SAML
1.0 even came out.

So I take issue with the idea that I was ignoring anything. We did what we
were told was allowed, nothing more. We didn't do it because it was optimal
or anything, we just weren't prepared to do more at the time.

That to me implies that 2.0 could easily be worded differently if we're
claiming it doesn't mean the same thing. I think the AC class is probably
the chief part of that, because as far as I can tell that's the only thing
that got added in 2.0, and we've never discussed the implications of it in
the TC that I recall.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]