By using
ProxyRestriction element asserting party impose restrictions on relying
parties.
ProxyRestriction
element contains one attribute “count” which specifies the maximum number of
indirections that the asserting party permits to exist between this assertion
and an assertion, which has ultimately been issued on the basis of it.
ProxyRestriction
has audience element, specifies the set of audiences to whom the asserting
party permits new assertions to be issued on the basis of this assertion.
If count is
zero, then relying party must not issue this assertion to another relying
party.
If count is
greater than zero, any assertions so issued MUST themselves contain a <ProxyRestriction>
element with a Count value of at most one less than this value.
No comments:
Post a Comment