[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: Request for clarification
Not to diffuse the wonderful discussions that are going on, I've seen no direct response to the email I sent a short while ago. The message was critical of the new Element <Evidence> for a variety of reasons -- those of precise syntax as well as trust. Perhaps the mailer did not send the message out? Could a couple of you please confirm receipt etc. and update the status both of the Element <Evidence> and the issues attached? Thanks! /Michah From: Lerner, Michah, ALSVC Sent: Thursday, July 26, 2001 12:21 AM To: oasis sstc Subject: draft-sstc-core-10 sec 1.4.4.2 Element <Evidence> As with any new element, there are bound to be questions about the Element <Evidence> defined by section 1.4.4.2 of draft-sstc-core-10 and core-discussion-00 sections 3.1.1, 4.1.14, and 4.2.3. Here are several that may benefit from clarification and discussion. 1) Is saml:evidence different from saml:advice? Already xtass:evidence shares identical wording with saml:advice, including the missing \) 2) Since an AuthorizationDecisionAssertion is "made subject to the assertions in the Evidence element" a) Does the AuthorizationDecisionAssertion certify the textually enclosed saml:evidence as valid "jointly and severally", as defined by the Element <Claims>? If so, what is the purpose of carrying the evidence, and is the evidence unique or complete? b) What, if any, are the consistency requirements between multiple saml:evidence elements within an AuthorizationDecisionAssertion? 3) Is saml:evidence local to the saml:AuthenticationDecisionAssertion that textually encloses it? 4) What properties describe the saml:evidence available in a SAMLResponse to a SAML protocol AuthorizationQuery, and how does this depend on the evidence provided in the query? //Michah ------------------------------------------------------------------ To unsubscribe from this elist send a message with the single word "unsubscribe" in the body to: security-services-request@lists.oasis-open.org
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC