OASIS Mailing List Archives
saml-dev message

Subject: RE: [saml-dev] Is my English description of an Authentication Assertion correct?


Looks like a pretty good English to XML (or XML to English) translation
to me.  Perhaps others will catch something that I missed.

One thing to note, however, is that assertion would not be sufficient
for sign-on in the web browser SSO profile(s) as it is missing an
adequate subject confirmation element.

> -----Original Message-----
> From: Costello, Roger L. [mailto:costello@mitre.org]
> Sent: Monday, May 08, 2006 7:11 AM
> To: saml-dev@lists.oasis-open.org
> Subject: [saml-dev] Is my English description of an Authentication
> Assertion correct?
> 
> Hi Folks,
> 
> Below I have two things:
> 
> 1. An English description of an authentication assertion.
> 
> 2. Next, I give the same authentication assertion, but this time using
> the SAML XML vocabulary.
> 
> I have a question:
> 
> Is my English description an accurate interpretation of the XML
> version?  /Roger
> 
> ----------------------------------------------------
> ENGLISH DESCRIPTION OF THE ASSERTION
> ----------------------------------------------------
> Identity Provider Assertion:
> 
> This assertion is hereby dated May 8, 2006 at 12:00 pm Greenwich Mean
> Time.
> 
> I, http://www.AirlineInc.com, assert that I authenticated this Subject
> (which I identify by email address): j.doe@acompany.com
> 
> The Subject was authenticated on May 1, 2006 at 9:32 am Greenwich Mean
> Time through the presentation of a password over a protected session.
> 
> This assertion shall not be considered valid before
>     May 8, 2006 at 12:00 pm Greenwich Mean Time
> or after
>     May 8, 2006 at 1:00 pm Greenwich Mean Time
> 
> ----------------------------------------------------
> XML VERSION OF THE ASSERTION
> ----------------------------------------------------
> <Assertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
>            Version="2.0"
>            IssueInstant="2006-05-08T12:00:00Z"
>            ID="abe567de6">
> 
>     <Issuer>
>         http://www.AirlineInc.com
>     </Issuer>
> 
>     <Subject>
>         <NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">
>             j.doe@acompany.com
>         </NameID>
>     </Subject>
> 
>     <Conditions NotBefore="2006-05-08T12:00:00Z"
>                 NotOnOrAfter="2006-05-08T13:00:00Z">
>     </Conditions>
> 
>     <AuthnStatement AuthnInstant="2006-05-01T09:32:00Z">
>         <AuthnContext>
>             <AuthnContextClassRef>
>                 urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
>             </AuthnContextClassRef>
>         </AuthnContext>
>     </AuthnStatement>
> 
> </Assertion>
> 
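
The reply's point about subject confirmation, as an added example that is not part of the original thread: a sketch of the check a service provider applies under the SAML 2.0 Web Browser SSO profile, which requires a bearer `SubjectConfirmation` whose `SubjectConfirmationData` carries `Recipient` and `NotOnOrAfter` and no `NotBefore`. The function names, the `https://sp.example.com/acs` URL and the sample assertions are constructed for illustration; signature and audience checks are out of scope here.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
BEARER = "urn:oasis:names:tc:SAML:2.0:cm:bearer"

def check_confirmation(conf, acs_url, now):
    """Problems with one bearer <SubjectConfirmation>; empty list means usable."""
    data = conf.find("saml:SubjectConfirmationData", NS)
    if data is None:
        return ["no SubjectConfirmationData"]
    problems = []
    if data.get("Recipient") != acs_url:
        problems.append("Recipient does not match our assertion consumer URL")
    expiry = data.get("NotOnOrAfter")
    if expiry is None:
        problems.append("NotOnOrAfter missing")
    elif now >= datetime.strptime(expiry, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc):
        problems.append("confirmation expired")
    if data.get("NotBefore") is not None:
        problems.append("NotBefore must not appear on bearer confirmation data")
    return problems

def bearer_problems(assertion_xml, acs_url, now):
    """Why an SP should refuse this assertion for browser SSO ([] = acceptable)."""
    root = ET.fromstring(assertion_xml)
    confs = [c for c in root.findall("saml:Subject/saml:SubjectConfirmation", NS)
             if c.get("Method") == BEARER]
    if not confs:
        return ["no SubjectConfirmation with Method bearer"]
    results = [check_confirmation(c, acs_url, now) for c in confs]
    return [] if [] in results else results[0]

# Constructed samples: the thread's Subject, then the same Subject with bearer confirmation.
TEMPLATE = """<Assertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Version="2.0"
    IssueInstant="2006-05-08T12:00:00Z" ID="abe567de6">
  <Issuer>http://www.AirlineInc.com</Issuer>
  <Subject><NameID>j.doe@acompany.com</NameID>%s</Subject>
</Assertion>"""
THREAD_STYLE = TEMPLATE % ""
WITH_BEARER = TEMPLATE % """<SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
    <SubjectConfirmationData Recipient="https://sp.example.com/acs"
        NotOnOrAfter="2006-05-08T12:05:00Z"/></SubjectConfirmation>"""

if __name__ == "__main__":
    now = datetime(2006, 5, 8, 12, 1, tzinfo=timezone.utc)
    for name, xml in (("thread", THREAD_STYLE), ("bearer", WITH_BEARER)):
        print(name, bearer_problems(xml, "https://sp.example.com/acs", now))
```
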


