OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: WantsAuthnRequestSigned and AuthnRequestsSigned attributes

Title: WantsAuthnRequestSigned and AuthnRequestsSigned attributes

Hi. In the metadata there is support for whether AuthnRequest messages should be signed or not (from a requester and responder perspective) using the WantsAuthnRequestSigned and AuthnRequestsSigned attributes. It seems incomplete that this does not extend to all protocol requests and protocol responses. I.e.,

WantsResponseSigned and ResponsesSigned
WantsLogoutRequestSigned and LogoutRequestSigned
WantsLogoutResponseSigned and LogoutResponsesSigned
WantsManageNameIDRequestSigned and ManageNameIDRequestSigned

And these would somehow be associated with an endpoint. So for example, SOAP messages may disable protocol message signing (since the binding typically would provide this capability). Whereas HTTP-based binding would require this.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]