OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

wss-comment message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [wss-comment] Problem with Sender Vouchers example in SAML Token Profile 1.0 and 1.1

On Tue, Nov 11, 2008 at 7:58 PM, Glen Mazza <glen.mazza@gmail.com> wrote:
>
> The Sender-Vouchers SAML example in both the SAML Token Profile 1.0 and in
> 1.1 appears to be in error--the configuration is using the holder-of-key URN
> not the sender-vouches one.
>
> Links [1] (Question #4) and [2] explain the issue.

The conclusions of the above thread are basically correct.  Perhaps
this doc may also help:

http://wiki.oasis-open.org/security/SAMLHoKSubjectConfirmation

> It would be nice if the docs could be updated to remove the confusion.

Not likely since the WSS TC is closed.

> Regards,
> Glen

Tom Scavo

> [1] http://tinyurl.com/59ucl6
> [2] http://tinyurl.com/6j89gp

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]