[mdx] new document: SAML Profile for the Metadata Query Protocol

Ian Young ian at iay.org.uk
Tue Nov 26 03:48:45 PST 2013


On 25 Nov 2013, at 19:53, Cantor, Scott <cantor.2 at osu.edu> wrote:

> On 11/25/13, 12:54 PM, "Ian Young" <ian at iay.org.uk> wrote:
>> 
>> I was thinking that we could use something to indicate that the returned
>> document should stand alone, and that any TLS involved to the query
>> endpoint should not be factored in to runtime trust. I had been
>> remembering that as part of the IOP, but I guess I must have
>> misremembered as I don't see it in there now that I come to look again.
>> Neither does it appear to be in the InCommon implementation profile,
>> which was the next place I looked.
>> 
>> Does this ring a bell for anyone? If so, which reference am I thinking of?
> 
> It sounds familiar, but the InCommon document would have been my guess.

Having re-read both, I think perhaps I was thinking of some of the notes in the IOP section 2.7 on Security Considerations.

>> I guess another question would be whether we do actually need such a
>> reference, or would prefer to be silent on that issue.
> 
> I think it's better to leave the trust issues outside this document.

OK, fair enough. Are you OK with the "Integrity" section in this document as it stands, though?

	-- Ian


