OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: AssertionConsumerServiceIndex vs. AssertionConsumerURL

I am puzzled by the occurrence of these two fields in an AuthNRequest. At the minimum there appears to be some redundancy here: Why isn’t it always enough to set
AssertionConsumerURL to the right value?

Turning to the description of AssertionConsumerServiceIndex in core, the sentence “It applies only to profiles in which the request issuer is different from the presenter” confuses me even further. Does this mean that the Web SSO profile does not use this attribute? At the same time there is a reference to AssertionConsumerServiceIndex within the SSO profile (lines 490). Perhaps the above sentence should  be deleted? Obviously, profiles that mandate use of this index will do so explicitly and there is no need to discuss it preemptively in core.


- prateek

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]