OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [security-services] Proposal: Query Extension for SAML AuthnReq


On Fri, Apr 25, 2008 at 10:52 PM, Scott Cantor <cantor.2@osu.edu> wrote:
>
>  > Any opinions on the interrim solution?
>
>  Probably we would need some normative language about whether to treat the
>  extension as mandatory (meaning if you understand it, do you return an error
>  if you can't satisfy the attribute request?). Currently the metadata
>  equivalent is expressly optional to enforce.

So there will be two methods of requesting attributes in conjunction
with <samlp:AuthnRequest>:

1. By reference via AttributeConsumingServiceIndex
2. By value via <md:RequestedAttribute>

Scott is working on (1) in conjunction with errata, and Sampo has
proposed (2).  In the end, the two approaches should be semantically
equivalent, that is, the normative language describing each approach
should be the same.

Tom


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]