Subject: AI-2006-04-04-06 security consideration regarding token cancellation
I propose the following text to be added to the Security Consideration section:

Both token cancellation bindings defined in this specification require that the STS MUST NOT validate or renew the token after it has been successfully canceled. The STS must take care to ensure that the token is properly invalidated before confirming the cancel request or sending the cancel notification to the client. This can be more difficult if the token validation or renewal logic is physically separated from the issuance and cancellation logic. It is out of scope of this spec how the STS propagates the token cancellation to its other components. If the STS cannot ensure that the token was properly invalidated, it MUST NOT send the cancel notification or confirm the cancel request to the client.

Thanks,
--Jan
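The ordering requirement in the proposed text, as an added example that is not part of the post or of the WS-Trust specification: a toy STS whose validation/renewal component is separate from its cancellation logic, where the cancel confirmation is returned only after the validator has acknowledged the revocation, and where a failed propagation yields no confirmation at all. The class and method names are hypothetical.

```python
class ValidationService:
    """Validation/renewal component, physically separated from the STS's
    issuance and cancellation logic (e.g. a different node)."""

    def __init__(self):
        self._revoked = set()
        self.reachable = True  # set False to simulate a propagation failure

    def revoke(self, token_id):
        # Propagation of the cancellation to this component; how this happens
        # is out of scope of the spec, here it is a direct call that may fail.
        if not self.reachable:
            raise ConnectionError("validation service unreachable")
        self._revoked.add(token_id)

    def validate(self, token_id):
        # A real validator also checks signature and expiry; this toy only
        # enforces the MUST NOT validate after cancellation requirement.
        return token_id not in self._revoked

    def renew(self, token_id):
        # Renewal of a canceled token is equally forbidden.
        return token_id not in self._revoked


class STS:
    def __init__(self, validator):
        self.validator = validator
        self._issued = set()

    def issue(self, token_id):
        self._issued.add(token_id)

    def cancel(self, token_id):
        """Return True only when the cancellation may be confirmed to the
        client (RSTR or cancel notification); False means no confirmation
        is sent because invalidation could not be ensured."""
        if token_id not in self._issued:
            return False
        try:
            # Invalidate at the validator FIRST; only then confirm.
            self.validator.revoke(token_id)
        except ConnectionError:
            # Cannot ensure the token is invalid: MUST NOT confirm the cancel.
            return False
        self._issued.discard(token_id)
        return True
```

The returned boolean stands in for the decision to send (or withhold) the cancel confirmation; in the failure case the token is deliberately left usable rather than half-canceled.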