[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [security-services] underspecified behavior for AuthenticationQuery ?
Emily, You have brought up an important point which at first sight I would have to say is an inconsistency in the binding-11 specification. As we have discussed previously, the general philosophy is that an authority should not discuss with a client *WHY* it is unable to return assertions (other than some sort of non-normative status message helpful for debugging). The concern here is that we do not want to provide means for an attack on the authority. >>> >> >>But in binding-11 spec, line 519-521, it says >> >>"The source site MUST return an error code if it receives a >><samlp:Request> >>message from an authenticated destination site X containing >>an artifact issued >>by the source site to some other destination site Y, where X <> Y." >> >>I feel we should treat a Request with AssertionID the same as >>a Request with >>Artifact if that AssertionID is associated with an Assertion >>that is issued for >>a specific site only. Can we safely say X <> Y is a real >>error therefore an >>error code should be returned instead of Success? >> What do you think of weakening lines 519-521 to be: The source site MUST not return an assertion if it receives a <samlp:Request> message from an authenticated destination site X containing an artifact issued by the source site issued to some other destination site Y, where X <> Y. This is more consistent with our "return no assertion" policy. - prateek
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC