OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

imi message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [imi] RE: Proposed claim encoding profile for SAML 1.1 tokens

Yea it’s those nasty shares that I have to mount hereJ. I agree with the SAML 1.1 Managed cards, I assumed that this would apply to both managed and non-managed cards. My point is that we have seen some with the trailing “/” and some w/o and this needs to be clarified.

 

From: John Bradley [mailto:jbradley@mac.com]
Sent: Friday, August 28, 2009 12:26 PM
To: Anthony Nadalin
Cc: Mike Jones; imi@lists.oasis-open.org
Subject: Re: [imi] RE: Proposed claim encoding profile for SAML 1.1 tokens

 

At the moment we have nothing for SAML 1.1 managed cards.

 

That is an even bigger potential interoperability issue.

 

This at least gives us something to discuss.

 

I am guessing that you mean "/" as a terminating character.   This MS gig has really gotten to you.

 

None of the claims in the ICF catalog have trailing "/" nor do the p-card claims eg

 

If you are under some different impression that makes documenting this more important.

 

I would be OK with just documenting the current behavior based on the p-card STS.

We could say the SAML 1.1 profile only supports http scheme URI that have one or more one path segments.

 

That is basically where we are anyway.  Less code to rewrite for MS.

 

People who need more functionality should use the SAML 2.0 profile.

 

Fixing IMI SAML 1.1 code  to deal with URNs and other things may not be worth the effort.

 

We do however need something written down!

 

John B.

 

On 28-Aug-09, at 1:10 PM, Anthony Nadalin wrote:



I think there are a few problems, as it does not explicitly state that the “\” at the end is required. Also the language is too laxed for interoperability, this seems to be caused by the desire to have some level of co-existence with the SAML 2.0 profile, which may not be the best thing to do

 

From: Mike Jones [mailto:Michael.Jones@microsoft.com] 
Sent: Thursday, August 27, 2009 8:07 AM
To: imi@lists.oasis-open.org
Subject: [imi] Proposed claim encoding profile for SAML 1.1 tokens

 

I’ve run the attached proposed claim encoding profile for SAML 1.1 tokens by John and Drummond, as well as Paul Trevithick.  I believe it does what we need (while still being a one-pager).  It’s intended to maximize interoperability.

 

This issue is tracked as IMI-23.

 

                                                                                -- Mike

 

 

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]