saml-dev message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: ACTION-ITEM: Addition of ID attributes to SAML 1.0 elements in SAML 1.1
- From: "Mishra, Prateek" <pmishra@netegrity.com>
- To: saml-dev@lists.oasis-open.org, "'security-services@lists.oasis-open.org'" <security-services@lists.oasis-open.org>
- Date: Mon, 31 Mar 2003 11:27:19 -0500
We are considering an
update to the SAML schema to include an
ID attribute in SAML
1.1. I am sending this message to alert you to this possibility and
to solicit your reactions.
Question: What is the
impact of this change on existing SAML 1.0 implementations?
Answer: Loss of
"forward-compatibility" in that a SAML 1.0 processor (server) cannot
validate a SAML 1.1 document even if the SAML 1.1 document utilizes elements
found only in SAML 1.0. Why? Because in SAML 1.1 elements drawn from SAML
1.0 may now carry an ID attribute and a validating parser will find this
unacceptable.
So the real question is
whether implementors are relying upon forward compatibility. And
indeed, whether it is a real problem as opposed to a theoretical possibility.
Keep in mind that version
numbers etc. will be appropriately updated so that the SAML 1.0
processor can always determine that it has been handed a SAML 1.1
document.
----------------------
Prateek Mishra
Netegrity
p: 781-530-6564
c: 781-308-5198
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]