OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: ECP PE Text


I had an action item from the last call to make another stab at wording for the ECP ACS/responseConsumerURL issue – so here's another proposed correction to the text for PE35:

 

Description:

The example on page 29 line 964 uses a ResponseConsumerURL of http://identity-service.example.com/abc. Since this value must be an AssertionConsumerService at the SP and must match (according to the rules in 4.2.4.4) the value of the resonseConsumerURL, the example would result in an error condition.

 

Options:

Change the value of the responseConsumerURL in the example on page 29 line 964 to https://ServiceProvider.example.com/ecp_assertion_consumer.

 

Change the sentence on page 27 lines 906-908 to: “This value MUST be the same as the AssertionServiceConsumerURL (or the URL referenced in metadata) conveyed in the <AuthnRequest> and SHOULD NOT be a relative URL.” 

 

 

-Brian



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]