OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: Re: [security-services] proposed change to POST profile: send Responseinstead of Assertion

On Tue, 29 Jan 2002, Eve L. Maler wrote:

> I hate to ask about this, but: It seems to create a limited sort of
> HTTP protocol binding for at least the back half of a SAML
> request-response protocol exchange; do we need to cover this in the
> bindings doc?

Hmm, I don't see why.  The reason to write a SAML HTTP(s) binding would be
so that SAML-savvy software could send SAML Requests and Responses via
HTTP(s).  But this is just about an ordinary browser sending in a HTTP
POST some data that happens to be a (signed) SAML Response.  Two different
animals (one of which remains theoretical, at least for now).

 - RL "Bob"

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC