[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: Proposed Ballots for Issue Groups 6, 7, 8, 9
> > Also, group 8 may be somewhat confusing. I think that the scenario in > [UC-8-02:IntermediaryAdd] is probably useful and would probably be > common for systems that use intermediaries. However, the ones in > [UC-8-03:IntermediaryDelete] and [UC-8-04:IntermediaryEdit] may be > somewhat problematic and less useful. [UC-8-05:AtomicAssertions] tries > to rationalize this problem with an explicit non-goal. I agree with the sentiments expressed [UC-8-05:AtomicAssertions]. I think SAML assertions should be atomic. I think managing valid signatures over assertion fragments is an unnecessary complexity. However, I think an intermediary might also in some cases legitimately remove an atomic assertion, provided no signature was invalidated by doing so. An example is pointed out in [UC-8-03:IntermediaryDelete]. In this case the intermediary does it to make a purchase order anonymous, once it has validated that purchase order. I would be happy to see a modified version of [UC-8-03:IntermediaryDelete] that dealt with atomic assertions. Nigel.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC