[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] new PE in profiles
> Line 556-7: "a NotOnOrAfter attribute that limits the window > during which the assertion can be delivered." > > The NotOnOrAfter in a ConfirmationData element isn't about a > window when the assertion can be delivered. In the context of the SSO profile, it is, so that's the reason the text reads that way. It may not be perfect text, but it's not inaccurate in the context of the profile, IMHO. Browser SSO presumes effectively single-use assertions, so confirmation and delivery occur once. Obviously other SSO profiles don't have to behave that way. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]