[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Potential Errata, HTTPS in URI Binding
> There's an apparent conflict in normative language in SAMLBind at: > > Section 3.7, Line 1349: > This binding has transport-independent aspects, but also calls > out the use of HTTP with SSL3.0 [SSL3] or TLS 1.0 [RFC2246] as > REQUIRED (mandatory to implement). This should be stricken, it's old text. Regardless however, TLS is MTI for conformance anyway. It's just not required by the binding. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]