shibboleth-dev - Re: Attribute Exchange Profile

Subject: Shibboleth Developers

List archive

Re: Attribute Exchange Profile

From: Tom Scavo <>
To:
Subject: Re: Attribute Exchange Profile
Date: Wed, 16 Nov 2005 15:28:29 -0500
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=upFSVvZLUlKteNaUUzFktsuF+82grNS9m+OW2ijPOCZk7B2Qm7HR2XB0y80KBSSglEHkHHL0RzDWZbbtr1gOghZEs2QJvj1sw7hzmotuF3mOwLxJEE8SJi3p+ysuM9gjlS04DKn4UfNlGmvxqjrbEa5ZXQ3MDQ33rYWllNpr8u0=

On 11/16/05, Scott Cantor
<>
wrote:
>
> > - The Subject of each statement should "strongly match" (using
> > language from the SAML 1.1 spec) the Subject of the query.
>
> Right, this is a given.

The SAML spec says that at least one attribute statement MUST satisfy
this requirement. Evidently, there may be other attribute statements
that do not strongly match the Subject in the query. Should those
attributes statements be discarded? (I suppose so.)

Here's what our profile (which depends on yours) looks like at this time:

https://authdev.it.ohio-state.edu/twiki/bin/view/GridShib/AttributePull

Thanks,
Tom

Attribute Exchange Profile, Tom Scavo, 11/16/2005
- RE: Attribute Exchange Profile, Scott Cantor, 11/16/2005
  - Re: Attribute Exchange Profile, Tom Scavo, 11/16/2005
    - RE: Attribute Exchange Profile, Scott Cantor, 11/16/2005
      - Re: Attribute Exchange Profile, Tom Scavo, 11/16/2005
        
        RE: Attribute Exchange Profile, Scott Cantor, 11/16/2005
        
        Re: Attribute Exchange Profile, Tom Scavo, 11/16/2005
        
        RE: Attribute Exchange Profile, Scott Cantor, 11/16/2005
        
        RE: Attribute Exchange Profile, Scott Cantor, 11/16/2005

List archive

Re: Attribute Exchange Profile