OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [security-services] what's an "assertion profile"?

> Using this terminology, perhaps a more appropriate title is a "SAML2
> Holder-of-Key Assertion Profile".  In fact, the profile already
> includes a definition of "holder-of-key assertion" so "holder-of-key
> assertion profile" seems to make sense.
> Comments?

I think that's pretty much what we were thinking, yes. A Subject
Confirmation profile is probably just a special case of that, and given that
the term is somewhat obscure...

You're just taking a particular set of assertion content and profiling it
down to be more constrained than the original specification requires.

As I said in some of the email conversations we had, I would actually
encourage that the document have nothing in it about requests or responses,
as I think that's completely orthogonal.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]