Subject: Suggested text for OneTimeUse "replay detection"
Conor suggested we should add some guidance language around how to enforce the OneTimeUse condition with replay detection. I suggest something like:

"In accordance with the single use constraint, a relying party SHOULD maintain a cache of assertions it has accepted containing such a condition, remembering that it has accepted a particular assertion for at least the lifetime of that assertion (or a reasonable time frame, if an assertion's lifetime does not have an upper bound)."

After I wrote that, it seemed like in fact we might want to just enforce that any assertion containing this condition probably has to have a NotOnOrAfter anyway, based on the motivation for using it. Should I just say that?

-- Scott
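A sketch of the relying-party cache the suggested text describes, added here as an illustration and not part of the original message or of any SAML implementation. The class name, the (issuer, assertion ID) cache key, epoch-second timestamps, the 3600-second fallback window and the clock-skew parameter are all assumptions.

```python
import threading
import time


class OneTimeUseCache:
    """Replay cache for assertions carrying a OneTimeUse condition."""

    def __init__(self, default_retention=3600.0, clock_skew=0.0, clock=time.time):
        # default_retention: assumed "reasonable time frame" (seconds) for
        # assertions without NotOnOrAfter; the value is illustrative.
        # clock_skew: tolerance the relying party applies when checking
        # NotOnOrAfter; entries must outlive it or a replay slips through.
        self._default_retention = default_retention
        self._clock_skew = clock_skew
        self._clock = clock
        self._seen = {}  # (issuer, assertion ID) -> time the entry may be dropped
        self._lock = threading.Lock()

    def accept(self, issuer, assertion_id, not_on_or_after=None):
        """Return True on first use; False if expired or already accepted.

        not_on_or_after is epoch seconds, or None when the assertion has no
        upper bound on its lifetime.
        """
        now = self._clock()
        with self._lock:
            # Drop entries whose assertions can no longer pass validation.
            for key in [k for k, t in self._seen.items() if t <= now]:
                del self._seen[key]
            if not_on_or_after is None:
                forget_at = now + self._default_retention
            else:
                forget_at = not_on_or_after + self._clock_skew
                if now >= forget_at:
                    return False  # expired: rejected without caching
            key = (issuer, assertion_id)
            if key in self._seen:
                return False  # replay of an assertion already accepted
            self._seen[key] = forget_at
            return True
```

With this design an assertion that has no NotOnOrAfter is accepted a second time once the fallback window has lapsed, which is the gap that requiring NotOnOrAfter alongside OneTimeUse would close.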