OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [security-services] Attribute Sharing Profile

> On 7/7/06, Ari Kermaier <ari.kermaier@oracle.com> wrote:
> > I would suggest that the Assertion MUST be signed, and the 
> Response MAY be signed. This is more in line with the SAML 
> 2.0 main specifications.

Yeah, but that comment was made repeatedly years ago. The issue was that "we
want the profile the way we want it, and it's our profile so..."

This was the govt, remember. Not a fact-based reality.

To make real changes to some of the stranger rules, one might want to find
out how relevant the original need for this profile even is. It may still be
needed, but for non-RFP reasons, making it more palatable to correct it.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]