[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Potential Errata: Session Index on logout
-----Original Message-----
From: Conor P. Cahill [mailto:concahill@aol.com]
Sent: Friday, November 04, 2005 8:23 AM
To: SAML
Subject: [security-services] Potential Errata: Session Index on logout
The language surrounding session index on the <LogoutRequest> (line 2546) is a bit lacking. I suggest we replace that line with something along the lines of:
I also think we should require that this be specified by the SP when sending an SP-Initiated LogoutRequest if the assertion had a SessionIndex in it. I was unable to find such a statement in the specs.
- The index of the session between the pricipal identified by the subject and the authenticating authority. This must correlate to the <SessionIndex> that was present in the <AuthnStatement> of the assertion used in the session that is being terminated by this <LogoutRequest>, if any.
Conor
--------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. You may a link to this group and all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]