[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: Proposed Ballots for Issue Groups 6, 7, 8, 9
> > >>>>> "EN" == Edwards, Nigel <Nigel_Edwards@hp.com> writes: > > EN> I agree with the sentiments expressed > EN> [UC-8-05:AtomicAssertions]. I think SAML assertions should be > EN> atomic. I think managing valid signatures over assertion > EN> fragments is an unnecessary complexity. > > EN> However, I think an intermediary might also in some cases > EN> legitimately remove an atomic assertion, provided no signature > EN> was invalidated by doing so. An example is pointed out in > EN> [UC-8-03:IntermediaryDelete]. In this case the intermediary > EN> does it to make a purchase order anonymous, once it has > EN> validated that purchase order. I would be happy to see a > EN> modified version of [UC-8-03:IntermediaryDelete] that dealt > EN> with atomic assertions. > > So, there are a couple of options here. One is that the intermediary > simply drops the identifying authn assertion altogether (making any > authz decision assertions invalid, as far as I can tell). Or, it > replaces the authn assertion with one of its own. > > Both make sense to me -- but it seems hard to state them as > requirements. > Either option will work. If authz assertions are bound to principal identities and not authn assertions, removing authn assertions, does not necessarily invalidate authz assertions. I am not arguing for a new requirement, merely suggesting that the submitter of the use case, modify it. Nigel.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC