OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [security-services] Signatures in protocols (section 3 of core)

> >protocol binding (see [SAMLBind]). The SAML request MAY be signed, which
> >provides both authentication of the requester and message integrity.
> >  
> I am fine with the MAY if this is not a duplicated requirement from some 
> other part of [SAMLCore], otherwise, I think this text should just be 
> informative.

I don't think it really was called out anywhere very prominently, or at
least not until the section on signatures later. Since this came first, I
thought I'd try and say whatever we wanted to say with some boilerplate text
in the schema definition section.

The part I was trying to emphasize was that if you don't sign, that doesn't
mean you can't get integrity some other way.

Thanks for the suggestions,

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]