1. The <saml:Audience> requirement on lines 191--192 can only be met
if the SP authenticates to the IdP, but the security characteristics
of Basic Mode are mostly inherited from the Attribute Query/Request
Profile, which does not mandate authenticated queries.
Okay, consensus on the call was that the IdP puts whatever identifier
the SP provides into the <saml:Audience>. That's fine.
2. The metadata requirements in section 3.4 stipulate that if SAML
metadata is used, query:AttributeQueryDescriptorType SHOULD be used,
but since this type is the only such type available for use, it seems
the normative language is too weak in this case.
I'm still not clear on how best to reword this. Scott, would you mind
taking a crack at this? Here's how it stands now:
The service provider and identity provider MAY use metadata in support
of this deployment profile for locating endpoints, communicating key
information, and so on. If SAML V2.0 metadata is used, the
<md:AttributeAuthorityDescriptor> element defined by the SAML metadata
specification [SAMLMeta] and the query:AttributeQueryDescriptorType
complex type defined by the SAML metadata extension specification
[SAMLMeta-Ext] SHOULD be used with this deployment profile.