OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [security-services] Comments on Core 13 & Profiles 08aroundSubjectConfirmationData

> There may not be a use case but it could happen nonetheless - subject
> confirms through a signature, this performed before the start of the
> validity period (either because of clock skew or maybe because the IDP,
> when creating the assertion, set the NotBefore to be some time in 
> the future) 

Well, this is not a new situation, is it? Confirmation is separate from
validity today, I think, so I wasn't attempting to change that. We could add
text to this effect in the section that I think Bob proposed we add on
general "evaluation" or "validity" of assertions...

> yes, but do we need to say that there must be a point at which these
> requirements can be met simultaneously?

Sure, I can buy that. ;-)

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]