> What have you found to be a reasonable default. I think it would be good > if our default was reasonable ;-)
I _almost_ suggested changing the default, but didn't mention it because I don't have enough data points yet to know whether it's a problem of client misconfiguration (NTP config) or something more general. Our testing of the SAML validator has largely been on test machines, including developer workstations, where NTP hasn't been rigorously configured. We should have more data in the near future with our production deployment of CAS 3.3.3 in Sept, after which time many clients will likely take advantage of SAML and attribute release. If we notice a more pervasive problem here at Tech, or this issue becomes more prevalent on cas-user, then we should likely change the default. Until then, I would recommend we keep as-is. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
