imi-comment message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: Comments from J.Durand
- From: "Jacques R. Durand" <JDurand@us.fujitsu.com>
- To: <imi-comment@lists.oasis-open.org>
- Date: Fri, 4 Jun 2010 19:42:15 -0700
Review of specification:
SAML V1.1 Information Card Token Profile
V1.0
SAML V2.0 Information Card Token Profile
V1.0
-------------
comments apply to both specs:
1- Is there any way to notify the behavior of
Relying Party w/r to what is accepted / not accepted, e.g.
"Implementations MAY accept claim types encoded
using the convention where..."
How is the implementation supposed to communicate
that it does not accept these (any error or warning to be generated?)
2- Reading the conformance clause, it sounds like
there are 3 conformance targets, not just 2:
(a) Identity Provider implementation
(b) Relying Party implementation
(c) assertions
Since the concept of consistent (or conforming)
assertion is so important to
"implementations" (a and b) as these are actually
evaluated on their ability to handle such assertions
shouldn't the conf clause also define what a
conforming assertion is and more explicitly refer
to the related normative text (which I feel are not
just restricted to section 2.3.3. ?)
3- Conformance Clause editorial:
- " A Relying Party implementation conforms to this
profile if it can accept assertions consistent with the
normative text of Section 2.4. "
Not only I believe: because the assertions it is
supposed to accept are also to be consistent with 2.3.3.
Might be resolved by addressing comment
#2.
- Given the very concise wording of the conformance
clause, it might be helpful to
clarify that being "consistent with the normative
text" actually means that the implementation
only needs to behave consistently with normative
statements using MUST / MUST NOT
(as readers might wonder what does it mean to be
consistent with a SHOULD statement...).
Regards,
Jacques
D.
Fujitsu America,
Inc.
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]