security-services message

Subject: Re: [security-services] Groups - sstc-saml-x509-authn-attrib-profile-draft-10-diff.pdf uploaded

From: "Tom Scavo" <trscavo@gmail.com>
To: "Greg Whitehead" <greg.whitehead@hp.com>
Date: Tue, 8 Aug 2006 15:56:48 -0400

On 8/7/06, Greg Whitehead <greg.whitehead@hp.com> wrote:
> I guess the question is whether a client that knows nothing about the X.509
> Attribute Sharing Profile NEEDS to distinguish between those three
> endpoints, or would they all work for standard attribute requests?

Well that's the point, I guess.  Currently, there doesn't seem to be
any way for an endpoint to call out support for one of the X.509
profiles and NOT support the Assertion Query/Request Profile.  In that
sense, EVERY attribute query profile should extend the Assertion
Query/Request Profile.

> Do you really expect to see separate endpoints like that anyway, or would it
> be more common to have one endpoint like...

Yes of course, but your example exhibits the same problem, I think.

Tom

Follow-Ups:
- RE: [security-services] Groups - sstc-saml-x509-authn-attrib-profile-draft-10-diff.pdf uploaded
  - From: "Scott Cantor" <cantor.2@osu.edu>

References:
- Re: [security-services] Groups - sstc-saml-x509-authn-attrib-profile-draft-10-diff.pdf uploaded
  - From: "Tom Scavo" <trscavo@gmail.com>
- Re: [security-services] Groups -sstc-saml-x509-authn-attrib-profile-draft-10-diff.pdf uploaded
  - From: Greg Whitehead <greg.whitehead@hp.com>