OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [security-services] errata: misuse of strongly matches

On 10/25/06, Scott Cantor <cantor.2@osu.edu> wrote:
> > I agree with your definition of "identical" but I think it only
> > applies to two elements of type NameIDType (after decryption of
> > course).  I don't know what it means for two elements of type
> > BaseIDAbstractType to be identical, let alone two elements of type
> > AssertionType.
> I don't agree, it's either DOM equal, Infoset, or it's probably untestable
> and impractical.

I'm sorry, Scott, what is "it" in the previous sentence?  Are you
saying that the definition of "identical" in the spec can be applied
to two elements of type BaseIDAbstractType?

> > There's also the issue of the Format attribute.  The <NameID> element
> > defaults to Format "unspecified", so what if one element has no Format
> > attribute and the other is "unspecified"?  Two such <NameID> elements
> > might be called equivalent.  Is equivalence good enough on lines
> > 2600--2601 of SAMLCore and 1299--1301 of SAMLProf?
> IMNSHO, no. It's a slippery slope.

Then what is the point of having a default Format?


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]