OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [security-services] A browser/POST question...

The section is 4.1.2.5, line 743 of the 1.0 B&P document.

Current text reads:

"The <saml:ConfirmationMethod> element of each assertion MUST be set to urn:oasis:names:tc:SAML:1.0:cm:bearer."

That text is actually a little muddled. I suggest a clarifying edit to read:

Each statement subject included in the response MUST include a <saml:ConfirmationMethod> element of
urn:oasis:names:tc:SAML:1.0:cm:bearer."

Then we can add:

"<saml:SubjectConfirmationData> SHOULD NOT be included."

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]