[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] Proposal: Query Extension for SAML AuthnReq
On Fri, Apr 25, 2008 at 10:52 PM, Scott Cantor <cantor.2@osu.edu> wrote: > > > Any opinions on the interrim solution? > > Probably we would need some normative language about whether to treat the > extension as mandatory (meaning if you understand it, do you return an error > if you can't satisfy the attribute request?). Currently the metadata > equivalent is expressly optional to enforce. So there will be two methods of requesting attributes in conjunction with <samlp:AuthnRequest>: 1. By reference via AttributeConsumingServiceIndex 2. By value via <md:RequestedAttribute> Scott is working on (1) in conjunction with errata, and Sampo has proposed (2). In the end, the two approaches should be semantically equivalent, that is, the normative language describing each approach should be the same. Tom
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]