[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] SAML Authn Ctx Combination Spec
Hi Tom, thanks for the review. Yes, there does appear to be a hitch
The schema for RequestedAuthnContextsType is defined circularly so that
there can be nested <RequestedAuthnContexts> elements.
But, we also have a processing rules that says
A sender MUST NOT include more than one <rac:RequestedAuthnContexts>
extension element in a given request message.
I think we can resolve the issue by changing the above text to
A sender MUST NOT include more than one <rac:RequestedAuthnContexts>
extension element in a given request message unless those multiple
<rac:RequestedAuthnContexts> elements are nested.
Thoughts?
paul
Thomas Wisniewski wrote:
> Paul, Ashish, hi.
>
> I'm reading the 5/18 spec (draft 2).
>
> It seems like the text and the schema limit the RequestedAuthnContexts
> to 1 instance per message. Yet the example xml and text clearly
> require multiple instances of this element in order to function that
> way you want it??
>
> Tom.
>
>
> *Thomas Wisniewski*
> Software Architect
> Phone: (201) 891-0524
> Cell: (201) 248-3668
>
> Entrust̉
> Securing Digital Identities
> & Information
>
>
> ------------------------------------------------------------------------
>
> No virus found in this incoming message.
> Checked by AVG Free Edition.
> Version: 7.1.394 / Virus Database: 268.9.9/382 - Release Date: 7/4/2006
>
--
Paul Madsen e:paulmadsen @ ntt-at.com
NTT p:613-482-0432
m:613-302-1428
aim:PaulMdsn5
web:connectid.blogspot.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]