[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Comments: sstc-saml1x-metadata-cd-01
> Comments/Suggestions: > > [line 111] Why is <md:AffiliationDescriptor> precluded? It has zero meaning in SAML 1.1. > [lines 117--119] Rewrite this sentence. Why? > [lines 165--167] I do not understand this sentence. Artifacts in SAML 1.x are not indexed by endpoint. All endpoints are assumed to be equivalent and MUST share state. Therefore, index being a required schema element deserves a note to the effect that the value means nothing. > [line 200] The <md:ArtifactResolutionService> endpoint element should > also be undefined, right? Yeah, good catch. > [general] Why is the <md:AssertionIDRequestService> element allowed by > this specification? There is no AssertionIDRequest in SAML V1.x. > There is an AssertionIDReference but there is no corresponding service > at the IdP. Sure there is. SAML 1.x supports query by ID. It's buried inside SAMLRequest as an option, just like Query and AssertionArtifact. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]