Subject: RE: [security-services] comments on Last Call core doc - draft 17
I think you mean core comments, not profiles.

> - line 1764 and elsewhere throughout doc. Came across the use of
> "Replying Party". In many instances "Service Provider" may be more
> appropriate - and hence a quick check should be performed.
> However if it is appropriate to use Replying Party - perhaps I should
> define (and scope it) in the Technical Overview

I assume you mean "Relying Party"? That's a specific term that I incorporated into the set of actors in the authentication request section after discussions with Ron and others. In some cases, the relying party is a single service provider in the sense that profiles uses it, but the protocol doesn't assume that in all cases.

Relying Party I think might have a definition already in the glossary, I guess I was shooting for a more precise usage in the protocol. But there might be multiple relying parties, so it's broader than just a service provider.

Where I think I'm sloppy is in the NameID/NameIDPolicy stuff, where I throw around issues of "namespaces" and SPs and affiliations without any explanation. Probably we need to add language up front in core to describe the formal use of NameQualifier/SPNameQualifier. This isn't always the required usage, but it is constrained fairly precisely when using the persistent/transient formats, which are the Liberty (and Shibboleth to some extent)-contributed aspects.

> -line 2206 re scheme snippet for TerminateType - is this correct? Doesn't
> look right to me - we have a hanging/empty <sequence/> element

It's legal, it just means the element is empty. It's equivalent to not having the <sequence/> there at all, but I think that looks weird. If it's confusing to people, we can pull it.

-- Scott