[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] Attribute Sharing Profile
Yes, I see that now in various places in [SAMLProf]. It makes sense. Thanks, Ari. Tom On 7/7/06, Ari Kermaier <ari.kermaier@oracle.com> wrote: > I would suggest that the Assertion MUST be signed, and the Response MAY be signed. This is more in line with the SAML 2.0 main specifications. > > > [section 4] Evidently, both the <Response> and the <Assertion> MUST be > > signed (lines 194--195 and lines 250--251, resp.). Is this really > > necessary? I suggest the <Assertion> MAY be signed if the situation > > warrants. > > > > --------------------- > Ari Kermaier > Oracle Corporation > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]