On 31/08/2017 12:29, Colm O hEigeartaigh wrote:
On Thu, Aug 31, 2017 at 11:22 AM, Francesco Chicchiriccò <
ilgro...@apache.org> wrote:
>
>
> About checking the Relay State expiration, the duration is currently set
> to 5 seconds but I am afraid it is not currently verified during the
> response validation.
>
5 seconds seems a bit unreasonable,
On 31/08/2017 11:33, Colm O hEigeartaigh wrote:
On Thu, Aug 31, 2017 at 7:51 AM, Francesco Chicchiriccò wrote:
>
> Anyway, I see several SAML 2.0 implementations out there not enforcing the
> 80 chars limit: would removing all but the AuthnRequestID from the current
> JWT-based Relay State be an acceptable compromise?
>
Yeah, let's just leave
On 30/08/2017 19:01, Colm O hEigeartaigh wrote:
Hi Francesco,
On Thu, Aug 17, 2017 at 2:10 PM, Francesco Chicchiriccò wrote:
>
> Hi Colm,
> at the moment the relay state as signed JWT is used to hold [1]:
>
> * the preference to use the (non-standard?) deflate encoding - which might
> be omitted, we could just take such setting from IdP confi
On 15/08/2017 11:38, Colm O hEigeartaigh wrote:
Hi all,
According to the SAML 2.0 binding spec:
RelayState data MAY be included with a SAML protocol message transmitted
with this binding. The value MUST NOT exceed 80 bytes in length
However, the relaystate we are using in Syncope, is a signed JWT, which has
length 371. Perhaps we need to reco