[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Public Comment
Comment from: hmadhavanpillai@rsasecurity.com Name:Hareedran Title: Technical Lead Organization: Hcl Technologies Regarding Specification: SAML Attribute Sharing Profile for X.509 Authentication-Based Systems In the 2.2.1 Overview section the spec says "Principal authentication is accomplished through the presentation of a trusted X.509v3 certificate (that is, the federated credential is a certificate, and not a SAML assertion)" Even if the principal uses Certificate for authentication, it still uses SAML assertion. The point is if the principal uses Certificate for authentication, in assertion, the <Subject> element will contain a <NameID> with the value of the Subject DN from the principal’s X.509v3 certificate and a format with the value of urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName. The federated credential is still a SAML assertion
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]