[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: ECP PE Text
I had an action item from the last call to make another stab at wording
for the ECP ACS/responseConsumerURL issue – so here's another proposed
correction to the text for PE35: Description: The example on page 29 line 964 uses a ResponseConsumerURL of http://identity-service.example.com/abc.
Since this value must be an AssertionConsumerService at the SP and must match
(according to the rules in 4.2.4.4) the value of the resonseConsumerURL, the
example would result in an error condition. Options: Change the value of the responseConsumerURL in the example on page 29
line 964 to https://ServiceProvider.example.com/ecp_assertion_consumer. Change the sentence on page 27 lines 906-908 to: “This value MUST
be the same as the AssertionServiceConsumerURL (or the URL referenced in
metadata) conveyed in the <AuthnRequest> and SHOULD NOT be a relative URL.”
-Brian |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]