[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Web SSO <AuthnRequest> conformance
Hi, I was going thru some examples of <AuthnRequest>, assuming an implementation that supported IDP and SP conformance levels.
Recognizing the size restrictions for redirects (I think it's around 2k for IE), since HTTP redirect is the only binding required, a conformant implementation CANNOT handle authn requests that are greater than 2k. Was the reasoning based on the chance that authn requests (which would be b64 encoded and then url encoded), would not reach this size?
I'm wondering if the HTTP artifact binding should be mandatory for IDP and SP conformance?
Thanks, Tom.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]