[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: [security-services] Proposed Text and Location for HolderOfKeyandSenderVouches (NOT E commentary at start)
Prateek: Looks good. Two comments on the text.. > The element <SubjectConfirmationData> value MUST be a <ds:KeyInfo> element. > As described in [DSIG], the <ds:KeyInfo> element holds information > that enables an application to obtain a key needed to validate a signature. > The subject of the assertion is the party that can demonstrate that it is > the holder of the key used to create said signature. I don't think the above should be tied to "a signature".. The element <SubjectConfirmationData> value MUST be a <ds:KeyInfo> element. As described in [DSIG], the <ds:KeyInfo> element holds a key or information that enables an application to obtain a key. The subject of the assertion is the party that can demonstrate that it is the holder of the key. > The subject of the assertion is the party that can present a SAML > artifact, which the relying party MUST use to obtain the assertion from > the party that created the artifact. See also Section 4.1.1.1. We should cast the above in the past tense.. The subject of the assertion is the party that presented a SAML artifact, which the relying party used to obtain the assertion from the party that created the artifact. See also Section 4.1.1.1. thanks, JeffH
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC