[mdx] Small change proposed to draft-young-md-query-saml-07

Cantor, Scott cantor.2 at osu.edu
Mon Nov 6 06:25:33 PST 2017


> I may not be interpreting the diff correctly but I think you're
> basically saying that a client may use the {SHA1} syntax even if the
> identifier that follows is not a SHA-1 hash (let alone the SHA-1 hash
> of the entityID). Ugh. The MDQ protocol spec isn't even published yet
> and it already has an inherent bug.

It will never be published, so it is what it is. It's a meaningless issue in the scheme of things.

> If we were starting from scratch, we would probably define a
> {SourceID} syntax in the SAML profile, right?

Yes, but we're not, so we're making do.

> However, you can't say the same thing about entities that support the SAML2
> artifact profile. AFAIK, there is no such extension element for SAML2.

The extension applies in either case.

-- Scott


