OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Potential error in AuthContext spec?


WOW… it’s been a long time since I felt comfortable down in the bowels of the AuthnContext spec (oh wait… I never felt comfortable there J).

 

We have a use case where someone is attempting to create aninstance document  for the class TimeSynchToken and it appears there is an error in the spec.

 

The TimeSyncToken schema defines the AuthnMethodBaseType to be a restriction of AuthnMethodBaseType where PrincipalAuthenticationMethod is optional and Authenticator is required.

 

However, the Token element is in the PrincipalAuthenticationMechanismType, not in the AuthenticatorSequenceGroup and thus it can’t be part of the Authenticator element.

 

So we’re stumped as to how to create a TimeSyncToken authenticator.

 

Are we missing something?

 

Rob Philpott | Senior Technologist | RSA, the Security Division of EMC

eMail: robert.philpott@rsa.com | Office: 781.515.7115 | Mobile: 617.510.0893

 



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]