Ivan Kanakarakis
Ivan Kanakarakis
Coming back to this. The [SAML2 core specification][s2c] specifies: > #### 1.3.3 Time Values > All SAML time values have the type `xs:dateTime`, which is built in to the W3C...
This was further discussed in the [mailing list][ml#idpy] and ..it seems everything is backwards. This is what the technical committee had to say: > [Subject: Re: [saml-dev] dateTime "time zone...
This is known and ugly at the moment. See also #489 and #549
> I just don't understand why there is lower case conversion at all. TBH, I am not sure either. It suppose that this is related to some use case that,...
Hello everyone, the SAML core specification defines certain "Proxying Processing Rules" (see section `3.4.1.5.1`). There it is defined that (highlight is mine) > - The `` in the new assertion...
In general I agree that the _creation_ of the authentication request is separate action/concern than the _signing_ of a request. Blending the two results in such inconsistencies. This function does...
The [SAML core][saml-core] specification defines: > ### 5.4.3 Canonicalization Method > > SAML implementations SHOULD use Exclusive Canonicalization [Excl-C14N], with or without comments, both in the `` element of ``,...
So, `http://www.w3.org/TR/2001/REC-xml-c14n-20010315` is inclusive c14n without comments. Atm, we only allow exclusive c14n (with or without comments): https://github.com/IdentityPython/pysaml2/blob/1e59eaa09a0b7185705004188fbbed0b53681a23/src/saml2/xmldsig/__init__.py#L62-L65 This is in line with the [SAML core] recommendations > ### 5.4...
any news on this @bugant ?
Thanks for the report; I agree that `must` should be deprecated and the API should be simplified.