[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] SAML 2.0 Technical Overview uploaded
> Additionally, only 8 (not 6 as suggested) of the 12 possible permutations > are described. We should discuss why the other 4 (those that would have > the response sent using the redirect binding) are not presented. And the reason is basically just that we really want the SAML assertion to be signed when it's delivered by value (rather than a signature over the whole response only), and an XML signature is too big to DEFLATE and fit on a URL. The other protocols can mostly deliver a signed protocol message using the URL-based signature trick in the Redirect binding, so they can use that binding more easily on both legs. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]