OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [security-services] Web SSO <AuthnRequest> conformance

> Recognizing the size restrictions for redirects (I think it's 
> around 2k for IE), since HTTP redirect is the only binding 
> required, a conformant implementation CANNOT handle authn 
> requests that are greater than 2k.

I believe POST is also required. Am I wrong?

> Was the reasoning based on 
> the chance that authn requests (which would be b64 encoded 
> and then url encoded), would not reach this size?

My assumption was we required POST to handle that case.
 
-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]