[mdx] Joe on 3.1.1
Ian Young
ian at iay.org.uk
Fri Sep 27 05:48:30 PDT 2013
On 27 Sep 2013, at 12:56, Tom Scavo <trscavo at gmail.com> wrote:
> What is the use case for B and C?
There has been some mail about that today. The identifier transform thing is needed for artifact profile in SAML.
> When you write "MTI," I assume you mean "Mandatory to Implement."
Yes.
> Are B and C MTI? If so, why?
Yes, the (current) spec says they are MTI:
"Responders MUST support the MD5 (transformation indicator 'md5') and
SHA-1 (transformation indicator 'sha1') hashing algorithms as
identifier transformations."
At a higher level, you can't do all of SAML if you don't support SHA-1. Maybe that shouldn't be a MUST in the spec, but it would still be a MUST for people running SAML federations.
-- Ian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4813 bytes
Desc: not available
URL: <http://lists.iay.org.uk/pipermail/mdx-iay.org.uk/attachments/20130927/2dfa7e41/attachment.bin>
More information about the mdx
mailing list