[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] Is my English description of an Authentication Assertion correct?
Looks like a pretty good English to XML (or XML to English) translation to me. Perhaps others will catch something that I missed. One thing to note, however, is that assertion would not be sufficient for sign-on in the web browser SSO profile(s) as it is missing an adequate subject confirmation element. > -----Original Message----- > From: Costello, Roger L. [mailto:costello@mitre.org] > Sent: Monday, May 08, 2006 7:11 AM > To: saml-dev@lists.oasis-open.org > Subject: [saml-dev] Is my English description of an Authentication > Assertion correct? > > Hi Folks, > > Below I have two things: > > 1. An English description of an authentication assertion. > > 2. Next, I give the same authentication assertion, but this time using > the SAML XML vocabulary. > > I have a question: > > Is my English description an accurate interpretation of the XML > version? /Roger > > ---------------------------------------------------- > ENGLISH DESCRIPTION OF THE ASSERTION > ---------------------------------------------------- > Identity Provider Assertion: > > This assertion is hereby dated May 8, 2006 at 12:00 pm Greenwich Mean > Time. > > I, http://www.AirlineInc.com, assert that I authenticated this Subject > (which I identify by email address): j.doe@acompany.com > > The Subject was authenticated on May 1, 2006 at 9:32 am Greenwich Mean > Time through the presentation of a password over a protected session. > > This assertion shall not be considered valid before > May 8, 2006 at 12:00 pm Greenwich Mean Time > or after > May 8, 2006 at 1:00 pm Greenwich Mean Time > > ---------------------------------------------------- > XML VERSION OF THE ASSERTION > ---------------------------------------------------- > <Assertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion" > Version="2.0" > IssueInstant="2006-05-08T12:00:00Z" > ID="abe567de6"> > > <Issuer> > http://www.AirlineInc.com > </Issuer> > > <Subject> > <NameID > Format="urn:oasis:names:tc:1.1:nameid-format:emailAddress"> > j.doe@acompany.com > </NameID> > </Subject> > > <Conditions NotBefore="2006-05-08T12:00:00Z" > NotOnOrAfter="2006-05-08T13:00:00Z"> > </Conditions> > > <AuthnStatement AuthnInstant="2006-05-01T09:32:00Z"> > <AuthnContext> > <AuthnContextClassRef> > > urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport > </AuthnContextClassRef> > </AuthnContext> > </AuthnStatement> > > </Assertion> > > --------------------------------------------------------------------- > This publicly archived list supports open discussion on implementing the > SAML OASIS Standard. To minimize spam in the > archives, you must subscribe before posting. > > [Un]Subscribe/change address: http://www.oasis-open.org/mlmanage/ > Alternately, using email: list-[un]subscribe@lists.oasis-open.org > List archives: http://lists.oasis-open.org/archives/saml-dev/ > Committee homepage: http://www.oasis-open.org/committees/security/ > List Guidelines: http://www.oasis-open.org/maillists/guidelines.php > Join OASIS: http://www.oasis-open.org/join/
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]