xspa message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: Groups - SAML XSPA v2.0 Working Draft 12 uploaded
- From: Mohammad Jafari<mohammad.jafari@bookzurman.com>
- To: xspa@lists.oasis-open.org
- Date: Sun, 15 Apr 2018 12:34:28 -0700 (PDT)
Submitter's message
One thing we need to decide is whether the resource-id attribute needs to be normative since it is often specified outside of the assertion. Moreover, since the assertion vouches for the identity of the requester and its purpose of use, the requester should technically be able to re-use the same assertion when requesting for a different resource.
Furthermore, considering the case of query-based exchange, there may not be a specific resource id involved in the transaction and the identifier of the resources fitting in the query may not even be known until after the Service Provider processes the query and identifies the resources that would be included in the response.
-- Mohammad Jafari
Document Name: SAML XSPA v2.0 Working Draft 12
Description
Moving back to working draft per TC decision.
Making some attribute non-normative.
Minor updates to the use-case introduction.
Download Latest Revision
Public Download Link
Submitter: Mohammad Jafari
Group: OASIS Cross-Enterprise Security and Privacy Authorization (XSPA) TC
Folder: Standards
Date submitted: 2018-04-15 12:34:04
|
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]