[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Editorial Update to Section 3.3 of confor mance
> Your position seems to be that a conformant SAML > generator should be able to include "obtained" in any > message thru a configuration setting. Ultimately, this > would lead to conformance tests in which SAML > generators are required to insert any of the constants > into messages. And at the same time there would be no > requirement to test whether the implementation > provides some means of obtaining consent. I don't think that's testable, personally. > Is this the position that is broadly acceptable? If > so, we should have some text in Section 3.3 of > conformance that reflects this understanding. It's definitely my position. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]