[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [saml-dev] Clarification of consent in SAMLv2.0
This potentially solves a problem for me a well. On a related note, does SAML 2 Metadata provide any mechanism, either directly or via an extensibility point, for a SAML IdP or Attribute Service to "advertise" the Consent URI values it requires and or supports? Regards, - Anil On Tue, Feb 22, 2011 at 1:11 PM, Hal Lockhart <hal.lockhart@oracle.com> wrote: > Actually, the Consent XML Attribute which appears in the RequestAbstractType and StatusResponseType is defined by SAML Core to contain a URI. Section 8.4 of the Core defines values which may be used: > > Unspecified, Obtained, Prior, Implied, Explicit, Unavailable and Inapplicable. It briefly defines semantics for each. > > Other values could be provided. Obviously they overlap so presumably you pick the one that fits best, although I see nothing prohibiting you from including more than one. > > The XSPA profile references the healthcare concept of Consent Directives, but there is no particular XML construct called Consent. > > Hal > >> -----Original Message----- >> From: Cantor, Scott E. [mailto:cantor.2@osu.edu] >> Sent: Saturday, February 19, 2011 12:30 PM >> To: Security Developer >> Cc: saml-dev@lists.oasis-open.org >> Subject: Re: [saml-dev] Clarification of consent in SAMLv2.0 >> >> >> On Feb 19, 2011, at 6:58 AM, "Security Developer" >> <security.developer22@gmail.com> wrote: >> > Could any body please explain the concept of "Consent" in SAMLv2.0. >> >> If you mean the Consent attribute, It's just a dedicated >> field for passing statements about user consent involved with >> the production of a request or response to the peer. It gets >> very little use and isn't well-defined. >> >> -- Scott >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: saml-dev-unsubscribe@lists.oasis-open.org >> For additional commands, e-mail: saml-dev-help@lists.oasis-open.org >> >> > > --------------------------------------------------------------------- > To unsubscribe, e-mail: saml-dev-unsubscribe@lists.oasis-open.org > For additional commands, e-mail: saml-dev-help@lists.oasis-open.org > > -- :- :- Anil John :- http://twitter.com/aniltj :- http://www.aniltj.com/blog/ :-
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]