[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Bindings draft 04 uploaded
I uploaded a PDF and OO doc with change bars that just reflects some revisions to the introduction and the SOAP binding to steer us toward a revised binding that supports what we need it to support (namely arbitrary SAML protocols and the use of things like WSS for those so inclined). Depending on how strictly one reads the original binding, I felt a URI change was warranted, but can discuss. The SOAP header stuff doesn't bug me much, but the language was rather explicit about sending samlp:Request and samlp:Response and I'm softening it to use more generic terms that we need to agree on to use across the spec. As far as WSS, I saw nothing in the original binding that would preclude it except for the language about the responder not relying on SOAP headers and some overly strong language in the HTTP section that says things like you MUST use TLS for confidentiality, when I thought the intent was that as a conformance issue you MUST support it, not that you MUST use it. Comments welcome, meanwhile I'll be working on an HTTP/useragent binding for sending messages on URLs or with forms (but prolly not specifying the URL encoding mess yet). Artifact needs special attention and will save for later. Oh, and there's SOAP 1.2 to deal with I guess...any takers? -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]