OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Comments on core-2.0-cd-01

Section 2.6.4 - Line 973 - The definition for <AuthnContext> should acknowledge that its (theoretically) more than just the authentication event. -> 'The context used by the identity provider *up to and including* the authentication event .....'

Section (Lines 2340-2344) - The conditions against which assertions are measured to determine if a <LogoutRequest> should be applied to omits the fundamental requirement of a match against any of BaseID or NamedID or EncryptedID.

Section - (Lines 2439-2440) - typo, missing 'assertion' from ' If the sender is a session participant to which the session authority provided an containing an authentication statement...'

Section 8.3 - urn:oasis:names:tc:SAML:2.0:nameid-format:encrypted missing from list of valid Format values



Paul Madsen
e:  p.madsen@entrust.com
p:  613-270-2632
c:  613-799-2632

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]