OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Subject: SAML configuration/interoperability woes


Continuing from Browser Artifact question

When I look on the F2F-binding paper, paragraph 3.1.2 I get some
feelings that this is not designed for plug-and-play.  Specifics:

- The sample PartnerID is supposed to be communicated out-of-band
- There is no place to store the assertion "pull" URL
- Are the type-code to be registered?

Artifacts introduce new problems that IMHO have not yet gotten
suitable generic solutions.

Minor detail: B64 encoding means Base64?  If so I would add
that this in turn must be URL-encoded as well to not get problems
with "=".

rgds
Anders R




[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Powered by eList eXpress LLC