[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [security-bindings] web browser profile: review before con-call onThursday
Colleagues, Here is the web browser profile document. I have attempted to include text for the relying party tailors assertion case in the simplest possible way. The key issue is that instead of making two roundtrips the RP can make a query for additional assertions at the same time when obtaining the referent of the SAML artifact. Even this raises some difficult issues which are unresolved: suppose the attribute query component includes attributes that cannot be found at the AP. What should the AP return? The issue of error states in this model is a complex one and one that we have not yet worked through Further, based on my analysis of core-20 we are not as yet supporting a query form which includes a SAML artifact AND a list of required attributes. Please review the draft carefully before the Thursday con-call. I plan to put out the final document Thursday PM. - prateek
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC