[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] errata: misuse of strongly matches
On 10/25/06, Scott Cantor <cantor.2@osu.edu> wrote: > > I agree with your definition of "identical" but I think it only > > applies to two elements of type NameIDType (after decryption of > > course). I don't know what it means for two elements of type > > BaseIDAbstractType to be identical, let alone two elements of type > > AssertionType. > > I don't agree, it's either DOM equal, Infoset, or it's probably untestable > and impractical. I'm sorry, Scott, what is "it" in the previous sentence? Are you saying that the definition of "identical" in the spec can be applied to two elements of type BaseIDAbstractType? > > There's also the issue of the Format attribute. The <NameID> element > > defaults to Format "unspecified", so what if one element has no Format > > attribute and the other is "unspecified"? Two such <NameID> elements > > might be called equivalent. Is equivalence good enough on lines > > 2600--2601 of SAMLCore and 1299--1301 of SAMLProf? > > IMNSHO, no. It's a slippery slope. Then what is the point of having a default Format? Tom
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]