[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] errata: misuse of strongly matches
> In any event, it is specified that if the <NameID> element has no > Format attribute, it is equivalent to one that has an "unspecified" > Format attribute. It seems this should be taken into account on lines > 2600--2601 of SAMLCore and lines 1299--1301 of SAMLProf. Otherwise > there's an inconsistency with respect to <NameID>. IMHO, I think it would be better to scrap the illusion that there's anyway to define these kinds of things and make it clearer that implementations ought to provide the hooks necessary to specify it at deployment time, with some reasonable and self-evident defaults. Otherwise it's just going to be an endless set of errata. Even the one place where you're practically told to use XML equivalence, attribute value filtering, is basically a non-starter. We've already discarded the idea that that's possible, and are planning to put in hooks for decoding the XML into a representation that allows custom matching rules to be applied. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]