Subject: Groups - sstc-saml-sec-consider-2.0-draft-03-diff.pdf uploaded
The document sstc-saml-sec-consider-2.0-draft-03-diff.pdf has been submitted by Frederick Hirsch (email@example.com) to the OASIS Security Services TC document repository. Document Description: Added SAML 1.1 security considerations for POST and Artifact bindings. Added draft for URI binding substitution threat. Added reauthentication related threat for SSO profile. Added PAOS binding denial of service threat and ECP threat text. Made ciphersuite recommendations consistent with Bindings spec. Added SSL/TLS server authentication statement. Per F2F removed reliable messaging statement, replaced DoNotCacheCondition with OneTimeUse. Updated references, including RFC3552 and Shib URL. Editorial – structured sections to remove depth, match bindings and profiles. Uniform threats and countermeasures headings. Spelling/typos. Also uploaded Open Office source and non-diffd pdf (http://www.oasis-open.org/apps/org/workgroup/security/download.php/7378/sstc-saml-sec-consider-2.0-draft-03.pdf) Download Document: http://www.oasis-open.org/apps/org/workgroup/security/download.php/7379/sstc-saml-sec-consider-2.0-draft-03-diff.pdf View Document Details: http://www.oasis-open.org/apps/org/workgroup/security/document.php?document_id=7379 PLEASE NOTE: If the above links do not work for you, your email application may be breaking the link into two pieces. You may be able to copy and paste the entire link address into the address field of your web browser.