SAML 2.0: remove NotBefore attribute when not answering an AuthnRequest

 * lasso/saml-2.0/login.c:
   In specification saml-profile-2.0-os.pdf, in paragraph 4.1.4.3, it is
   said that the SubjectConfirmationData node MUST NOT contain a
   NotBefore attribute if it contains an InReponseTo attribute,
   understanding that the response cannot (it the ID of the request is
   sufficiently random) arrive before the request and be valid with
   respect to the InResponseTo attribute.

0 files changed, 0 insertions, 0 deletions