[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Authentication Response IssuerName vs. Assertion IssuerName
> I guess that's reasonable. Is there strong objection to > making it mandatory in the SSO Response? Space. > As an implementer, not having it there really stinks since > you cannot handle the protocol layer the same way (or without > digging down into the Assertion :-( I would agree (and I am one), and would personally prefer that it be mandatory. I'll let others decide, I just didn't want the original intent to go unmentioned. Proper layering was for me the primary goal in SAML 2, so given the choice, I'm pretty universally in favor of cleaner boundaries even when it means bigger messages. I think binary encodings are the proper solution to space concerns. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]