OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [security-services] Comments: sstc-saml1x-metadata-cd-01

> Comments/Suggestions:
> [line 111] Why is <md:AffiliationDescriptor> precluded?

It has zero meaning in SAML 1.1.

> [lines 117--119] Rewrite this sentence.


> [lines 165--167] I do not understand this sentence.

Artifacts in SAML 1.x are not indexed by endpoint. All endpoints are assumed
to be equivalent and MUST share state. Therefore, index being a required
schema element deserves a note to the effect that the value means nothing.

> [line 200] The <md:ArtifactResolutionService> endpoint element should
> also be undefined, right?

Yeah, good catch.

> [general] Why is the <md:AssertionIDRequestService> element allowed by
> this specification?  There is no AssertionIDRequest in SAML V1.x.
> There is an AssertionIDReference but there is no corresponding service
> at the IdP.

Sure there is. SAML 1.x supports query by ID. It's buried inside SAMLRequest
as an option, just like Query and AssertionArtifact.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]