OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [saml-dev] Clarification of consent in SAMLv2.0

This potentially solves a problem for me a well.  On a related note,
does SAML 2 Metadata provide any mechanism, either directly or via an
extensibility point, for a SAML IdP or Attribute Service to
"advertise" the Consent URI values it requires and or supports?

Regards,

- Anil

On Tue, Feb 22, 2011 at 1:11 PM, Hal Lockhart <hal.lockhart@oracle.com> wrote:
> Actually, the Consent XML Attribute which appears in the RequestAbstractType and StatusResponseType is defined by SAML Core to contain a URI. Section 8.4 of the Core defines values which may be used:
>
> Unspecified, Obtained, Prior, Implied, Explicit, Unavailable and Inapplicable. It briefly defines semantics for each.
>
> Other values could be provided. Obviously they overlap so presumably you pick the one that fits best, although I see nothing prohibiting you from including more than one.
>
> The XSPA profile references the healthcare concept of Consent Directives, but there is no particular XML construct called Consent.
>
> Hal
>
>> -----Original Message-----
>> From: Cantor, Scott E. [mailto:cantor.2@osu.edu]
>> Sent: Saturday, February 19, 2011 12:30 PM
>> To: Security Developer
>> Cc: saml-dev@lists.oasis-open.org
>> Subject: Re: [saml-dev] Clarification of consent in SAMLv2.0
>>
>>
>> On Feb 19, 2011, at 6:58 AM, "Security Developer"
>> <security.developer22@gmail.com> wrote:
>> > Could any body please explain the concept of "Consent" in SAMLv2.0.
>>
>> If you mean the Consent attribute, It's just a dedicated
>> field for passing statements about user consent involved with
>> the production of a request or response to the peer. It gets
>> very little use and isn't well-defined.
>>
>> -- Scott
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: saml-dev-unsubscribe@lists.oasis-open.org
>> For additional commands, e-mail: saml-dev-help@lists.oasis-open.org
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: saml-dev-unsubscribe@lists.oasis-open.org
> For additional commands, e-mail: saml-dev-help@lists.oasis-open.org
>
>



-- 
:-
:- Anil John
:- http://twitter.com/aniltj
:- http://www.aniltj.com/blog/
:-

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]