OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: RE: [saml-dev] how service provider authenticate assertion

hello Scott Cantor,

	Thanks for your answer.I mean how to adjust the validity of SAML assertion.
From the SAML standard,I only find that saml:condition need be authenticate.how about SAML authenticate assertion statement,how to authenticate it?  define authenticate rule by myself ,parse xml text to make decision?the same to subject statement.
	I don't know how to deal with authenticate statement and saml:subject in SP.Does it relate to business requirement rule,not defined in saml standard.
    Best  regards!
                       Thank you very much!

                         hui zhang  

======= 2008-05-20 23:04:59 您在来信中写道:=======

>> 	   Identifier provider creates an assertion,then this assertion is
>> transferred to service provider.
>> how  service provider authenticate whether this assertion is in
>> effect?thanks!
>It's not in scope of the standard how you authenticate digital signatures or
>certificates. Most people use some combination of SAML metadata, PKI
>techniques, and various adaptations that make sense in their environment.
>-- Scott
>To unsubscribe, e-mail: saml-dev-unsubscribe@lists.oasis-open.org
>For additional commands, e-mail: saml-dev-help@lists.oasis-open.org

= = = = = = = = = = = = = = = = = = = =


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]