>>>>> "Alan" == Alan DeKok <[email protected]> writes:
Alan> I don't think re-assembly is required by the fragmentation
Alan> draft. I would strongly avoid requiring such reassembly.
Alan> Implementing it could require major changes to the proxies.
Alan> The re-writing done by current proxies is fairly minimal.
Alan> So it should have minimal effect on the fragments as suggested
Alan> by the draft.
so, I think you may be missing what Jim is asking about. Jim is talking
about a proxy that wants to radically change the SAML assertion being
carried. We think the only way to do that is for the proxy to act as a
client, grab the entire SAML assertion using the fragmentation protocol,
then originate an assertion of its own that it fragments and passes
along.
--Sam
_______________________________________________
abfab mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/abfab
