Section 2.6.4 - Line 973 - The definition for <AuthnContext> should
acknowledge that it's (theoretically) more than just the authentication event.
-> 'The context used by the identity provider *up to and including* the
authentication event .....'
Section 3.7.3.1 (Lines 2340-2344) - The conditions against which assertions
are measured to determine if a <LogoutRequest> should be applied omit the
fundamental requirement of a match against any of BaseID or NameID or
EncryptedID.
Section 3.7.3.2 - (Lines 2439-2440) - typo, missing 'assertion' from ' If the
sender is a session participant to which the session authority provided an
containing an authentication statement...'
Section 8.3 - urn:oasis:names:tc:SAML:2.0:nameid-format:encrypted missing from
list of valid Format values
Thanks
Paul