[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Error in Technical Overview CD-02 Section 4.6
Sigh… There is a significant error in section 4.6 of
the tech overview. Lines 764-766 of CD-02 states: “When a response message containing an assertion is
delivered to a relying party via a user's web browser (for example using the HTTP POST binding), then to
ensure message integrity, it is mandated
that the response message be digitally signed using XML Signature” This should obviously state that it is the Assertion that MUST
be signed (the Response carrying it MAY be signed). Rob Philpott RSA, the
Security Division of EMC |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]