mace-opensaml-users - RE: xpointer call in URI attribute of Reference element (Signature)
Subject: OpenSAML user discussion
List archive
- From: "Scott Cantor" <>
- To: <>, <>
- Subject: RE: xpointer call in URI attribute of Reference element (Signature)
- Date: Wed, 26 Apr 2006 15:43:31 -0400
- Organization: The Ohio State University
> Does it mean that OpenSAML cannot verify such an assertion
> (which was signed using xmlsec) ? Can you see another way to
> verify this assertion?
It is not possible because it is not legal. SAML 1.1 defines the acceptable
rules for this, and it permits nothing other than a single reference to a
fragment with the identifier.
So, while one could decide to implement all sorts of additional options to
permit lots of referencing strategies, SAML 1.1 was fixed to ensure nobody
had to do this. And I did not.
-- Scott
- xpointer call in URI attribute of Reference element (Signature), lilas, 04/26/2006
- RE: xpointer call in URI attribute of Reference element (Signature), Scott Cantor, 04/26/2006
Archive powered by MHonArc 2.6.16.