[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Action Items 236 and 231
Does not appear that we added this....Scott, should I add this? Thanks, Jahan ------------------------ Jahan Moreh Chief Security Architect 310.288.2141 > -----Original Message----- > From: Ari Kermaier [mailto:ari.kermaier@oracle.com] > Sent: Wednesday, July 19, 2006 3:50 PM > To: Scott Cantor; security-services@lists.oasis-open.org > Subject: RE: [security-services] Action Items 236 and 231 > > Was AI 236 ever captured in errata? I can't seem to find it... > ::Ari > > > -----Original Message----- > > From: Scott Cantor [mailto:cantor.2@osu.edu] > > Sent: Tuesday, October 11, 2005 6:27 AM > > To: security-services@lists.oasis-open.org > > Subject: [security-services] Action Items 236 and 231 > > > > > > > *0236*: Errata on SSO Response when using HTTP-Artifact > > > > > > http://lists.oasis-open.org/archives/saml-dev/200509/msg00019.html > > > > Minor issue, but I suggest we insert a clarifying paragraph > after line > > 1173 of Bindings: > > > > "Finally, note that the use of the Destination attribute in > the root > > SAML element of the protocol message is unspecified by this > binding, > > because of the message indirection involved." > > > > > *#0231*: SOAP client cert authn and reln to SAML messages > > > > My memory of this "issue" isn't great, but I suppose we could add > > clarifying text to section 3.1.2.2 of Bindings by adding a > sentence to > > the first > > paragraph: > > > > "Note that when SSL/TLS authentication is used, an X.509 > certificate > > presented by a peer is typically used to authenticate messages > > produced by that peer, but the means by which the relationship is > > established between the identity in the certificate and the > identity > > of the peer is not defined by SAML." > > > > Another way to go (arguably better perhaps) is to push all > this to the > > phantom impl guidelines doc where we can hand wave about > PKI and trust > > to our heart's content. > > > > -- Scott > > > > > > > --------------------------------------------------------------------- > > To unsubscribe from this mail list, you must leave the > OASIS TC that > > generates this mail. You may a link to this group and all > your TCs in > > OASIS > > at: > > > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php > > > > > > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS > TC that generates this mail. You may a link to this group > and all your TCs in OASIS > at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgr oups.php > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]