OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [saml-dev] empty <ds:X509Certificate/> element?


On Sat, Aug 2, 2008 at 7:52 PM, Scott Cantor <cantor.2@osu.edu> wrote:
>
> Like I said on a call recently, if it had been thought through, I suspect
> I'd have added text to the AuthnRequest section making it legal to ask for a
> confirmation method but without data, regardless of what the method
> definition says, but we didn't do that, so as it currently stands, to ask
> for HoK, you MUST include a KeyInfo, and I don't think KeyInfo itself lets
> you get away without including *something*.

That's really too bad.  The more I think about it, the more useful I
think this would be.  When we get around to addressing the related
metadata issue, we should at least allow one or both of the parties to
call out their requirements in metadata.  A static requirement (like
attributes) is much less desirable than specifying on the fly,
however.

Tom


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]