
security-services message



Subject: Re: [security-services] Comments: sstc-saml1x-metadata-cd-01


On 6/27/06, Scott Cantor <cantor.2@osu.edu> wrote:
> >
> > [line 111] Why is <md:AffiliationDescriptor> precluded?
>
> It has zero meaning in SAML 1.1.

I don't see why, but okay.

> > [lines 117--119] Rewrite this sentence.
>
> Why?

Sorry for being so terse.  This sentence doesn't read well.  It's not
clear what's being RECOMMENDED.  Perhaps something like this would be
better:

For identity providers that support the SAML V1.x Browser/Artifact
profile and the mandatory type 0x0001 artifact format [SAML11Bind], it
is RECOMMENDED that the SHA-1 hash of their entityID be used as their
SourceID when constructing artifacts.

> > [lines 165--167] I do not understand this sentence.
>
> Artifacts in SAML 1.x are not indexed by endpoint. All endpoints are assumed
> to be equivalent and MUST share state.

Ah, well said.  Can you work the above sentences into the text somehow?

Tom
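
The SourceID derivation proposed in the message above, as an added example that is not part of the original post or of the draft under review: an identity provider builds a type 0x0001 artifact (2-byte type code, 20-byte SourceID, 20-byte AssertionHandle, base64-encoded, per the SAML 1.1 bindings), and a relying party maps the SourceID back to an entityID it already knows from metadata. The function names and the example.org entityIDs are constructed for illustration.

```python
import base64
import hashlib
import secrets
from typing import Iterable, Optional, Tuple

TYPE_CODE = b"\x00\x01"   # type 0x0001 artifact
ID_LEN = 20               # SourceID and AssertionHandle are 20 bytes each


def source_id(entity_id: str) -> bytes:
    """SourceID as the SHA-1 hash of the entityID (20 bytes)."""
    return hashlib.sha1(entity_id.encode("utf-8")).digest()


def build_artifact(entity_id: str, handle: Optional[bytes] = None) -> str:
    """IdP side: TypeCode || SourceID || AssertionHandle, base64-encoded."""
    handle = secrets.token_bytes(ID_LEN) if handle is None else handle
    if len(handle) != ID_LEN:
        raise ValueError("AssertionHandle must be 20 bytes")
    return base64.b64encode(TYPE_CODE + source_id(entity_id) + handle).decode("ascii")


def resolve_issuer(artifact: str, known_entity_ids: Iterable[str]) -> Tuple[str, bytes]:
    """Relying-party side: map the SourceID back to an entityID from metadata.

    Raises ValueError for malformed artifacts and for SourceIDs that match
    no known entityID, so unknown issuers are rejected before any callback.
    """
    raw = base64.b64decode(artifact, validate=True)  # binascii.Error is a ValueError
    if len(raw) != 2 + 2 * ID_LEN or raw[:2] != TYPE_CODE:
        raise ValueError("not a type 0x0001 artifact")
    sid, handle = raw[2:2 + ID_LEN], raw[2 + ID_LEN:]
    by_source_id = {source_id(e): e for e in known_entity_ids}
    if sid not in by_source_id:
        raise ValueError("SourceID matches no known entityID")
    return by_source_id[sid], handle


if __name__ == "__main__":
    idps = ["https://idp.example.org/saml", "https://idp2.example.net/saml"]  # constructed
    art = build_artifact(idps[0])
    print(art, "->", resolve_issuer(art, idps)[0])
```
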

