| Subject: | RE: [security-services] ooops, or error on lines 523-524 of binding |
|---|---|
| From: | Philpott, Robert (rphi...@rsasecurity.com) |
| Date: | May 20, 2003 1:33:11 pm |
| List: | org.oasis-open.lists.security-services |

> SUMMARY: I am making the editorial recommendation that we remove the word SSO from lines 523-524. It would then read:

I agree with that change.

Rob Philpott
RSA Security Inc.
The Most Trusted Name in e-Security
Tel: 781-515-7115
Mobile: 617-510-0893
Fax: 781-515-7020
mailto:rphi...@rsasecurity.com

-----Original Message-----
From: Mishra, Prateek [mailto:pmis...@netegrity.com]
Sent: Tuesday, May 20, 2003 4:35 PM
To: secu...@lists.oasis-open.org
Subject: [security-services] ooops, or error on lines 523-524 of binding

Lines 523-524 of bindings-07 state:
In steps 4 and 5, the destination site, in effect, dereferences the one or more SAML artifacts in its possession in order to acquire a SAML SSO assertion that corresponds to each artifact.
Unfortunately, this is a botched correction of an earlier incorrect statement in cs-sstc-bindings-01:
500 - 501
"dereferences the one or more SAML artifacts in its possession in order to acquire a SAML authentication assertion that corresponds to each artifact"
Other contexts in bindings-07 make it clear that assertions other than SSO assertions may be passed via artifacts:
550 At least one of the SAML assertions returned to the destination site MUST be an SSO assertion.
OR
611 * SAML assertions communicated in step 5 MUST include an SSO assertion.
OR
718-721
Exactly one SAML response MUST be included within the FORM body with the control name SAMLResponse; multiple SAML assertions MAY be included in the response. At least one of the assertions MUST be an SSO assertion. A single target description MUST be included with the control name TARGET.
-------------------------------------------------------------------
SUMMARY: I am making the editorial recommendation that we remove the word SSO from lines 523-524. It would then read:
In steps 4 and 5, the destination site, in effect, dereferences the one or more SAML artifacts in its possession in order to acquire a SAML assertion that corresponds to each artifact.