[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] Question about the base64 encoding in Browser/POST profile
|
Jon, Reviewing the relevant text (lines 692-694
of the bindings document) it appears that we haven't
explicitly called out the use of UTF-8. This seems to be standard technique
used, for example, in c14n canonicalization. Before the document is base64 encoded, it is
first converted to a byte-stream using UTF-8. I have also forwarded this
message to Jahan Moreh who
is maintaining the SAML errata list. We should pick this up as potential
errata. Does that address your concerns? Are we
still missing something here? - prateek
-----Original Message----- I am trying to prototype the
Browser/POST profile and I have a question about the use of base64 in this
profile. In step 2 of this profile, the base64 encoding of a SAML response is
embedded in a HTML form. In order to do this you must first serialize the SAML
response to a sequence of octets, which can then be base64 encoded. What
character encoding is supposed to be used to serialize the SAML response to a
sequence of octets? Do you use the character encoding of the HTTP message? It
seems like the SAML response could be serialized using a character encoding
that is different than the HTTP message. In this case, how would be destination
site known what characeter encoding should be used when decoding the SAML
response? Any insight you can provide would be
appreciated. Thanks Jon Westbrock |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]