Hi Tom Tom Scavo wrote:
Not sure why you're so concerned about statement types. An X.509 Binding for SAML Assertions does care much about the payload. (First we have to specify *how* to bind, then we can talk about *what* :)
The reason being that the SAML Authz statement is now acknowledged to be deficient and we will formally deprecate it once the XACML request context replaces it regards David
Tom
-- ***************************************************************** David W. Chadwick, BSc PhD Professor of Information Systems Security The Computing Laboratory, University of Kent, Canterbury, CT2 7NF Skype Name: davidwchadwick Tel: +44 1227 82 3221 Fax +44 1227 762 811 Mobile: +44 77 96 44 7184 Email: D.W.Chadwick@kent.ac.uk Home Page: http://www.cs.kent.ac.uk/people/staff/dwc8/index.html Research Web site: http://www.cs.kent.ac.uk/research/groups/iss/index.html Entrust key validation string: MLJ9-DU5T-HV8J PGP Key ID is 0xBC238DE5 *****************************************************************