OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [saml-dev] holder-of-key subject confirmation

On Sun, May 11, 2008 at 1:13 PM, Scott Cantor <cantor.2@osu.edu> wrote:
>  > OTOH, if the IdP used KeyInfo/X509Data/X509SubjectName to identify the
>  > subject name of the user and C2 had the same Subject name, presenting
>  > the message with proof of C2's private key would be considered to meet
>  > the requirements identified by the IdP.
>  In this case, I would claim this is impossible absent other constraints on
>  the PKI in use. But probably possible in the abstract.

Conor's conclusion makes sense to me, but Scott I don't understand
your comment.  Are you saying you can think of no practical situation
where the user would have and use two such certificates, or is there
some other point you're trying to make here?


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]