OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [security-services] Potential errata on AuthnContextDeclRef/ClassRef

Agreed - I don't believe I've ever seen anyone even use a AuthnContextDecl.  Have you? We've certainly never run across a customer or partner that needed it (and thus don't support it today).

Rob Philpott | Senior Technologist | RSA, the Security Division of EMC
eMail: robert.philpott@rsa.com | Office: 781.515.7115 | Mobile: 617.510.0893

> -----Original Message-----
> From: Cantor, Scott [mailto:cantor.2@osu.edu]
> Sent: Friday, June 01, 2012 11:19 AM
> To: Philpott, Robert; security-services@lists.oasis-open.org
> Subject: Re: [security-services] Potential errata on
> AuthnContextDeclRef/ClassRef
> On 6/1/12 11:18 AM, "robert.philpott@rsa.com"
> <robert.philpott@rsa.com>
> wrote:
> >Yep - it's always seemed common sense to me... include "class" URN's as
> >ClassRef elements and put your "custom" declaration reference URI's in
> >DeclRef.  But since we received an assertion from a new partner site
> >(with a custom implementation) that put the URN in the DeclRef, I figured
> >I'd check back with you guys before I definitively told them to ask the
> >partner to change it. Just wanted to make sure there wasn't some obscure
> >use case I had forgotten about.
> That assumes the custom thing was a decl ref. Custom classes are certainly
> allowed, and much more common. A decl is pretty unusual.
> -- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]