[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Potential Errata, HTTPS in URI Binding
There's an apparent conflict in normative language in SAMLBind at: Section 3.7, Line 1349: This binding has transport-independent aspects, but also calls out the use of HTTP with SSL3.0 [SSL3] or TLS 1.0 [RFC2246] as REQUIRED (mandatory to implement). and Section 3.7.5.3, Line 1407: Use of SSL 3.0 [SSL3] or TLS 1.0 [RFC2246] is STRONGLY RECOMMENDED as a means of authentication, integrity protection, and confidentiality. --Nick
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]