[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Possible resolution to AI 282, AuthnContextDecl andAuthnContextDeclRef Confusion
After revisiting this issue, I don't think that any changes to the text in SAML Core (or other specs) is warranted. I think there is a need, somewhere, to offer some guidance regarding interoperability issues, particularly in the case where the AuthnRequest does not contain a RequestedAuthnContext. However, I am somewhat at a loss to identify the appropriate location. If the proper location were to be found, the text to be inserted there would be something like: "Note that interoperability may depend on out-of-band negotiation between identity providers and service providers regarding acceptable Authentication Context declarations or references. This may be especially true in cases where the <saml:AuthnRequest> issued by a service provider does not contain a <saml:RequestedAuthnContext> element." ET -- ____________________________________________________ Eric Tiffany | eric@projectliberty.org Interop Tech Lead | +1 413-458-3743 Liberty Alliance | +1 413-627-1778 mobile
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]