shibboleth-dev - RE: How important is interop?
Subject: Shibboleth Developers
List archive
- From: "RL 'Bob' Morgan" <>
- To: Scott Cantor <>
- Cc: "'Shibboleth Design Team'" <>
- Subject: RE: How important is interop?
- Date: Thu, 24 Apr 2003 17:15:14 -0700 (PDT)
On Thu, 24 Apr 2003, Scott Cantor wrote:
> > Eh, but the POST contains a signed authentication assertion,
> > yes (or signed assertion containing an authn statement, to be
> > precise)? You're saying that attr assertion signing is
> > broken? Then how can authn assertion signing be working?
>
> No, in Liberty the assertion is signed, but in SAML, the enclosing
> Response is signed but the assertion doesn't have to be (and isn't
> really worth signing since it's short lived). The difference is that the
> signed data in SAML is the entire XML document, thus the deficiencies in
> subsetting SAML for signatures aren't fatal, just time consuming to code
> around.
Oh right, it's a (signed) response containing an assertion containing a
statement ... how could I have forgotten? 8^)
- RL "Bob"
------------------------------------------------------mace-shib-design-+
For list utilities, archives, subscribe, unsubscribe, etc. please visit the
ListProc web interface at
http://archives.internet2.edu/
------------------------------------------------------mace-shib-design--
- How important is interop?, Scott Cantor, 04/23/2003
- Re: How important is interop?, RL 'Bob' Morgan, 04/24/2003
- RE: How important is interop?, Scott Cantor, 04/24/2003
- RE: How important is interop?, RL 'Bob' Morgan, 04/24/2003
- RE: How important is interop?, Scott Cantor, 04/24/2003
- RE: How important is interop?, RL 'Bob' Morgan, 04/24/2003
- RE: How important is interop?, Scott Cantor, 04/24/2003
- RE: How important is interop?, RL 'Bob' Morgan, 04/24/2003
- RE: How important is interop?, Scott Cantor, 04/24/2003
- Re: How important is interop?, RL 'Bob' Morgan, 04/24/2003
Archive powered by MHonArc 2.6.16.