-
Type: Bug
-
Status: Resolved
-
Priority: Minor
-
Resolution: Applied
-
Affects Version/s: 2.0
-
Fix Version/s: SAML 2.0 + Approved Errata 05
-
Component/s: Core
-
Labels:None
-
Proposal:
-
Resolution:
Sec 8.3.7, line 3321-3323, states that the values of this attribute MUST be pseudo-random. This has cryptographic connotations that go beyond the intent of this format, which was simply to guarantee that values would not directly expose the underlying principal identity and would be unique within the scope of the qualifiers attached. This can be achieved without actual pseudo-random construction of the identifiers, so this should not have been stated as a MUST.