[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] errata: "Liberty" moniker used inappropriatelyin saml-sec-consider-2.0-os
Wow, our first erratum for SecConsider! Thanks for catching this. What's the sentiment of the group? Should we say that errata starting with this one have to catch a later "train", and proceed with the E1-E63 we've got in proceeding to a public review vote? Or should we nab this one now, since the public review for errata has to be a separate event from the other stuff in the pipeline anyway? If so, should we declare this (it would be E64) the "last one, really, we mean it" for this round? Eve Jeff Hodges wrote: > In saml-sec-consider-2.0-os section 7.1.1.9 Impersonation without > Reauthentication, there is following sentence at line 964... > > > Cookies posted by identity providers MAY be used to support > > this validation process, though Liberty does not mandate a > > cookie-based approach. > > Note use of "Liberty" moniker. > > Suggested rewrite: > > > Cookies posted by identity providers MAY be used to support > > this validation process, though SAML 2.0 does not mandate a > > cookie-based approach. > > > =JeffH > > > -- Eve Maler +1 425 947 4522 Technology Director eve.maler @ sun.com CTO Business Alliances group Sun Microsystems, Inc.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]