[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] comments re sstc-saml-holder-of-key-browser-sso-draft-10
I didn't say that quite right. Binding support must be two-way (obviously), so what I'm trying to say is that both parties MUST support HTTP Redirect and HTTP POST. On the other hand, I would like to say that HTTP Artifact is OPTIONAL. The latter intentionally deviates from the SAML V2.0 conformance spec. I believe that support for HTTP Artifact is a quality that distinguishes full conformance from "lite" conformance. The latter is what we should shoot for in this spec, or so I claim. Comments? Tom On Sun, Jan 11, 2009 at 11:22 AM, Tom Scavo <tscavo@ncsa.uiuc.edu> wrote: > In the HoK Web Browser SSO Profile, what bindings MUST the IdP and the > SP support for conformance purposes? I would think that the SP MUST > support HTTP Redirect while the IdP MUST support HTTP POST. Does this > sound reasonable? > > Tom >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]