[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] A browser/POST question...
Jahan, can I assume that this will get a PE20 designation in the errata document now that it seems this has settled down? (I will take that chance and mention this number in the revision history.) The disposition would be something like "revised text worked out on the list, expecting TC approval at next opportunity". Thanks! Eve Philpott, Robert wrote: > And if I might tweak the tweak... > > Change "subject-containing" to "subject-based"? > > Rob Philpott > RSA Security Inc. > The Most Trusted Name in e-Security > Tel: 781-515-7115 > Mobile: 617-510-0893 > Fax: 781-515-7020 > mailto:rphilpott@rsasecurity.com > > > >>-----Original Message----- >>From: Eve L. Maler [mailto:eve.maler@sun.com] >>Sent: Thursday, May 01, 2003 6:50 PM >>To: ''security-services@lists.oasis-open.org ' ' >>Subject: Re: [security-services] A browser/POST question... >> >>I would editorially tweak as follows (since it would be pretty unusual >>for there to be real saml:SubjectStatement elements present): >> >>Every subject-containing statement present in the assertion(s) returned >>to the destination site MUST also contain a <SubjectConfirmation> >>element. The <ConfirmationMethod> element in the <SubjectConfirmation> >>MUST be set to urn:oasis:names:tc:SAML:1.0:cm:bearer. >> >> Eve >> >>Mishra, Prateek wrote: >> >>>Scott, Rob: >>> >>>(1) Thanks for your paitence ! >>>(2) I finally understood the problem (that took a while!) >>>(3) I have no problem with the following proposed text: >>> >>> >>> >>>Does this work? This one is for bearer, but we can update the >>>artifact-01 >>>case similarly. It precludes the case I described in my last message, >>>but I >>>really am okay with the semantics described here... >>>------------------- >>>Every <saml:SubjectStatement> present in the assertion(s) returned to >>>the >>>destination site MUST contain a <saml:SubjectConfirmation> element. The >>><saml:ConfirmationMethod> element in the <saml:SubjectConfirmation> MUST >>>be >>>set to urn:oasis:names:tc:SAML:1.0:cm:bearer. >>>------------------- >>> >>>4) I agree this is kind of goofy overall and probably needs to be >> >>revised in >> >>>SAML 2.0. For good or bad it was sort of the proposal in 1.0. >>> >>> >>>- prateek >>> >> >>-- >>Eve Maler +1 781 442 3190 >>Sun Microsystems cell +1 781 354 9441 >>Web Technologies and Standards eve.maler @ sun.com > > -- Eve Maler +1 781 442 3190 Sun Microsystems cell +1 781 354 9441 Web Technologies and Standards eve.maler @ sun.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]