wss message



Subject: Including SAML AssertionID in the core as a direct ID reference mechanism.


While reviewing various token profiles, we observed that referencing SAML tokens in message signatures seems awkward. 

 

SOAP Message security defines three mechanisms for ID references:

  • Local ID attributes on XML Signature elements
  • Local ID attributes on XML Encryption elements
  • Global wsu:Id attributes on elements

 

Earlier, the TC had concluded that SAML tokens using AssertionID violated the rules from the core specification and therefore limited references to using KeyIdentifiers. The recommendation is hence to use an STR with an STR transform or KeyIdentifier to reference SAML tokens from within SignedInfo. We would like to propose adding SAML AssertionID to the list of valid identifiers in section 4 of the core specification so that SAML AssertionID can be directly referenced.

 

Vijay
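
Added example, not part of the original message and not code from the WSS TC: a sketch of a same-document ID resolver covering the three mechanisms listed above, with the proposed SAML AssertionID lookup behind a flag. The function names, the `allow_saml` flag, the sample message and the choice to reject duplicate identifiers are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
XENC = "http://www.w3.org/2001/04/xmlenc#"
WSU = ("http://docs.oasis-open.org/wss/2004/01/"
       "oasis-200401-wss-wssecurity-utility-1.0.xsd")
SAML = "urn:oasis:names:tc:SAML:1.0:assertion"

# Constructed sample message (not from the original post); values are made up.
SAMPLE = f"""<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/"
    xmlns:ds="{DS}" xmlns:wsu="{WSU}" xmlns:saml="{SAML}">
  <S:Header>
    <saml:Assertion AssertionID="_a1b2c3"/>
    <ds:Signature Id="sig-1"/>
  </S:Header>
  <S:Body wsu:Id="body-1"/>
</S:Envelope>"""


def id_of(elem, allow_saml=False):
    """Return the identifier elem can be referenced by, or None."""
    ns = elem.tag[1:].split("}")[0] if elem.tag.startswith("{") else ""
    if ns in (DS, XENC) and elem.get("Id") is not None:
        return elem.get("Id")              # local Id on Signature/Encryption elements
    if elem.get(f"{{{WSU}}}Id") is not None:
        return elem.get(f"{{{WSU}}}Id")    # global wsu:Id on any element
    if allow_saml and elem.tag == f"{{{SAML}}}Assertion":
        return elem.get("AssertionID")     # the addition proposed in the message
    return None


def resolve(root, uri, allow_saml=False):
    """Resolve a same-document '#id' reference to exactly one element."""
    if not uri.startswith("#") or len(uri) < 2:
        raise ValueError("not a same-document ID reference")
    hits = [e for e in root.iter() if id_of(e, allow_saml) == uri[1:]]
    if len(hits) != 1:                     # unknown or ambiguous ID: refuse
        raise LookupError(f"{uri} matched {len(hits)} elements")
    return hits[0]
```

With `allow_saml=False` the reference `#_a1b2c3` does not resolve, which is the situation that forces the STR or KeyIdentifier indirection described in the message.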

 


