[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Comments on Core 13 & Profiles 08aroundSubjectConfirmationData
> There may not be a use case but it could happen nonetheless - subject > confirms through a signature, this performed before the start of the > validity period (either because of clock skew or maybe because the IDP, > when creating the assertion, set the NotBefore to be some time in > the future) Well, this is not a new situation, is it? Confirmation is separate from validity today, I think, so I wasn't attempting to change that. We could add text to this effect in the section that I think Bob proposed we add on general "evaluation" or "validity" of assertions... > yes, but do we need to say that there must be a point at which these > requirements can be met simultaneously? Sure, I can buy that. ;-) -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]