[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] Clarification of consent in SAMLv2.0
Actually, the Consent XML Attribute which appears in the RequestAbstractType and StatusResponseType is defined by SAML Core to contain a URI. Section 8.4 of the Core defines values which may be used: Unspecified, Obtained, Prior, Implied, Explicit, Unavailable and Inapplicable. It briefly defines semantics for each. Other values could be provided. Obviously they overlap so presumably you pick the one that fits best, although I see nothing prohibiting you from including more than one. The XSPA profile references the healthcare concept of Consent Directives, but there is no particular XML construct called Consent. Hal > -----Original Message----- > From: Cantor, Scott E. [mailto:cantor.2@osu.edu] > Sent: Saturday, February 19, 2011 12:30 PM > To: Security Developer > Cc: saml-dev@lists.oasis-open.org > Subject: Re: [saml-dev] Clarification of consent in SAMLv2.0 > > > On Feb 19, 2011, at 6:58 AM, "Security Developer" > <security.developer22@gmail.com> wrote: > > Could any body please explain the concept of "Consent" in SAMLv2.0. > > If you mean the Consent attribute, It's just a dedicated > field for passing statements about user consent involved with > the production of a request or response to the peer. It gets > very little use and isn't well-defined. > > -- Scott > --------------------------------------------------------------------- > To unsubscribe, e-mail: saml-dev-unsubscribe@lists.oasis-open.org > For additional commands, e-mail: saml-dev-help@lists.oasis-open.org > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]