OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [security-services] Proposed erratum resolutions

> Anyway, that said, I'm fine with Scott's suggested language if there's 
> value in only encrypting the NameID in the returned assertion (and not 
> any attributes).

Something to consider is that AuthnRequest is not only usable in the case of
ane entity asking for an assertion for itself. The requester, subject, and
relying party are all explicit actors. So the requester could in fact be
asking for an assertion usable by somebody else (or somebodies).

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]