[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] SubjectConfirmation in SAML query
> Well, the RequestAbstractType already has an extension point, so the > Attribute elements could be added today without additional schema, > right? Yes. > Are you saying that some profile work is needed to insure > interoperable AuthnRequest/AttributeQuery combinations? That would be > great! I think all you need is an extension profile along the lines of the Third Party Request extension that outlines the syntax (probably a container element for the Attributes rather than just piling them in) and the language to weasel things like that extension did. "Profiles for whom returning attributes is in scope MAY utilize the Attribute elements as a request for specific attributes and values, yadda, yadda." Given the fact that it doesn't seem as though many/any products seem to even support the metadata-based referencing to attributes during SSO, I'm not sure there's much hope that anything but Shibboleth and its siblings would bother doing it, but we probably would. It's not at the top of my priority stack though. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]