As a general point and FWIW, capitalized (RFC 2119) uses of MUST,
SHOULD, etc. are meant to make it easy to form testable assertions
for compliance-checking. It's best to avoid redundant normative
spec content, though sometimes repetition or restatement in the
right places can reinforce a
Hi folks-- There certainly seems to be some convergentness in the
air here! Below is a very quick analysis/comparison of the two
docs. Hopefully some of us can discuss in detail in person this week...
I'm intrigued by the use in Dick's profile of ...:entity as the
NameID Format for OpenID
Just to be clear, identity provider in SAML isn't intended to mean
that this system entity is providing an identity to a digital
subject -- it means that this system entity is providing identity
information (specifically verification/authentication info) to a
relying party/service provider.