diff --git a/src/s2repoze/plugins/sp.py b/src/s2repoze/plugins/sp.py
index 306fded..38537b0 100644
--- a/src/s2repoze/plugins/sp.py
+++ b/src/s2repoze/plugins/sp.py
@@ -305,7 +305,7 @@ class SAML2Plugin(FormPluginBase):
 # used 2 times : one to get the ticket, the other to validate it
     def _serviceURL(self, environ, qstr=None):
         if qstr != None:
-            url = construct_url(environ, querystring=qstr)
+            url = construct_url(environ, querystring = qstr)
         else:
             url = construct_url(environ)
         return url
diff --git a/src/saml2/client.py b/src/saml2/client.py
index 54cf5ee..86645b5 100644
--- a/src/saml2/client.py
+++ b/src/saml2/client.py
@@ -42,7 +42,7 @@ FORM_SPEC = """<form method="post" action="%s">
    <input type="submit" value="Submit" />
 </form>"""
 
-LAX = True
+LAX = False
 
 SESSION_INFO = {"ava":{}, "came from":"", "not_on_or_after":0,
                     "issuer":"", "session_id":-1}
@@ -295,7 +295,7 @@ class Saml2Client(object):
         condition = assertion.conditions
         log and log.info("condition: %s" % condition)
         now = time.gmtime()
-        log and log.info("now: %s" % time.mktime(now))
+        #log and log.info("now: %s" % time.mktime(now))
         not_on_or_after = str_to_time(condition.not_on_or_after)        
         if not_on_or_after < now:
             # To old ignore
@@ -303,7 +303,7 @@ class Saml2Client(object):
                 raise Exception("To old can't use it")
 
         not_before = str_to_time(condition.not_before)        
-        log and log.info("not_before: %s" % time.mktime(not_before))
+        #log and log.info("not_before: %s" % time.mktime(not_before))
         if not_before > now:
             # Can't use it yet
             if not LAX:
diff --git a/src/saml2/server.py b/src/saml2/server.py
index 4f85fee..7064917 100644
--- a/src/saml2/server.py
+++ b/src/saml2/server.py
@@ -32,7 +32,7 @@ from saml2.utils import kd_subject_confirmation_data, kd_success_status
 from saml2.utils import filter_attribute_value_assertions
 from saml2.utils import OtherError, do_attribute_statement
 from saml2.utils import VersionMismatch, UnknownPrincipal, UnsupportedBinding
-from saml2.utils import filter_on_attributes
+from saml2.utils import filter_on_attributes, kd_status_from_exception
 
 from saml2.sigver import correctly_signed_authn_request
 from saml2.sigver import pre_signature_part
diff --git a/src/saml2/utils.py b/src/saml2/utils.py
index 3068fd8..c352032 100644
--- a/src/saml2/utils.py
+++ b/src/saml2/utils.py
@@ -31,6 +31,7 @@ EXCEPTION2STATUS = {
     UnknownPrincipal: samlp.STATUS_UNKNOWN_PRINCIPAL,
     UnsupportedBinding: samlp.STATUS_UNSUPPORTED_BINDING,
     OtherError: samlp.STATUS_UNKNOWN_PRINCIPAL,
+    MissingValue: samlp.STATUS_REQUEST_UNSUPPORTED,
 }
 
 def decode_base64_and_inflate( string ):
@@ -402,6 +403,8 @@ def ava_to_attributes(ava, bmap):
 
 def do_attributes(identity):
     attrs = []
+    if not identity:
+        return attrs
     for key, val in identity.items():
         dic = {}