saml-dev message

Subject: RE: [saml-dev] preserving query parameters in AssertionConsumerServiceURL

From: "Scott Cantor" <cantor.2@osu.edu>
To: "'Mihaylov, Dimitar'" <dimitar.mihaylov@sap.com>
Date: Wed, 8 Apr 2009 12:51:50 -0400

Mihaylov, Dimitar wrote on 2009-04-08:
> I would interpret the part "signing the enclosing <AuthnRequest> message
> is another" that if the AuthnRequest is signed no comparision with the
> metadata is necessary? Is this correct? If yes then I do not see any
> problem putting any URL as value - containing parameters, etc. What do
> you think?

I never thought about it, but either way, it's a pointless thing to do since
you have RelayState. It's just asking for interop problems. Even if you sign
the request that doesn't mean the IdP is going to verify it. You don't
control that process.

-- Scott

Follow-Ups:
- RE: [saml-dev] preserving query parameters in AssertionConsumerServiceURL
  - From: "Mihaylov, Dimitar" <dimitar.mihaylov@sap.com>

References:
- preserving query parameters in AssertionConsumerServiceURL
  - From: "Schmidlin, Franck" <Franck.Schmidlin@northgate-is.com>
- RE: [saml-dev] preserving query parameters in AssertionConsumerServiceURL
  - From: "Schmidlin, Franck" <Franck.Schmidlin@northgate-is.com>
- RE: [saml-dev] preserving query parameters in AssertionConsumerServiceURL
  - From: "Mihaylov, Dimitar" <dimitar.mihaylov@sap.com>