[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Attribute Sharing Profile
I would suggest that the Assertion MUST be signed, and the Response MAY be signed. This is more in line with the SAML 2.0 main specifications. ::Ari > > [section 4] Evidently, both the <Response> and the <Assertion> MUST be > signed (lines 194--195 and lines 250--251, resp.). Is this really > necessary? I suggest the <Assertion> MAY be signed if the situation > warrants. > --------------------- Ari Kermaier Oracle Corporation
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]