[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] SAML Authn Ctx Combination Spec
Hi Tom, thanks for the review. Yes, there does appear to be a hitch The schema for RequestedAuthnContextsType is defined circularly so that there can be nested <RequestedAuthnContexts> elements. But, we also have a processing rules that says A sender MUST NOT include more than one <rac:RequestedAuthnContexts> extension element in a given request message. I think we can resolve the issue by changing the above text to A sender MUST NOT include more than one <rac:RequestedAuthnContexts> extension element in a given request message unless those multiple <rac:RequestedAuthnContexts> elements are nested. Thoughts? paul Thomas Wisniewski wrote: > Paul, Ashish, hi. > > I'm reading the 5/18 spec (draft 2). > > It seems like the text and the schema limit the RequestedAuthnContexts > to 1 instance per message. Yet the example xml and text clearly > require multiple instances of this element in order to function that > way you want it?? > > Tom. > > > *Thomas Wisniewski* > Software Architect > Phone: (201) 891-0524 > Cell: (201) 248-3668 > > Entrust̉ > Securing Digital Identities > & Information > > > ------------------------------------------------------------------------ > > No virus found in this incoming message. > Checked by AVG Free Edition. > Version: 7.1.394 / Virus Database: 268.9.9/382 - Release Date: 7/4/2006 > -- Paul Madsen e:paulmadsen @ ntt-at.com NTT p:613-482-0432 m:613-302-1428 aim:PaulMdsn5 web:connectid.blogspot.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]