OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [security-services] A browser/POST question...

Scott, Rob:

(1) Thanks for your paitence !
(2) I finally understood the problem (that took a while!)
(3) I have no problem with the following proposed text: 

Does this work?  This one is for bearer, but we can update the
case similarly.  It precludes the case I described in my last message,
but I
really am okay with the semantics described here...
Every <saml:SubjectStatement> present in the assertion(s) returned to
destination site MUST contain a <saml:SubjectConfirmation> element. The
<saml:ConfirmationMethod> element in the <saml:SubjectConfirmation> MUST
set to urn:oasis:names:tc:SAML:1.0:cm:bearer.

4) I agree this is kind of goofy overall and probably needs to be revised in
SAML 2.0. For good or bad it was sort of the proposal in 1.0.

- prateek

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]