OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: [no subject]

Combining SLO with NameID termination, we should clarify whether it's
explicitly not required for the SP to continue to expect or process SLO
messages for an active session following NameID termination. The spec
implies pretty strongly that you don't because you can terminate your local

Second, from AI #207, there was an issue that came up during the IOP that
Greg Whitehead relayed to me regarding the need to clarify the behavior
expected around the SP AuthnRequestsSigned and the IdP
WantAuthnRequestsSigned metadata flags.

The lack of a flag at an SP was not intended to imply that an SP would never
sign if it had a reason to, and the IdP flag was not intended to somehow
create a conflict. You can't resolve the situation policywise if an SP and
IdP disagree about whether to sign, the metadata simply might reflect this.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]