OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Subject: RE: Assertion Element


Bob,

I would strongly suggest looking at the
assertion and protocol schema as an authoritative
source. A copy of XML spy is also recommended (I have
no commercial interest in the vendor).

Following the discussion in f2f#3, 
element Conditions of COnditionsType
has attributes NotBefore and NoOnOrAfter.

An AttributeAssertion contains one or more
attributes. Each attribute is of AttributeType: 

<complexType name="AttributeType">
		<sequence>
			<element ref="saml:AttributeName"/>
			<element ref="saml:AttributeNamespace"
minOccurs="0"/>
			<element name="AttributeValue"
type="saml:AttributeValueType" maxOccurs="unbounded"/>
		</sequence>
</complexType>

>>-----Original Message-----
>>From: George Robert Blakley III [mailto:blakley@us.tivoli.com]
>>Sent: Friday, August 24, 2001 2:12 PM
>>To: Hal Lockhart
>>Cc: 'security-services@lists.oasis-open.org'
>>Subject: Assertion Element
>>
>>
>>I was looking at Phill's diagrams yesterday evening and two 
>>things jumped
>>out at me.
>>
>>The first was that I couldn't find the validity interval
>>(NotBefore/NotAfter) anywhere.  I thought these
>>were in the base schema... but I can't remember for sure.  
>>The second was
>>that the AttributeAssertionType
>>has a simple "Attribute" member... should this be called out as a
>>Type/Value or Name/Value structure?
>>
>>
>>--bob
>>
>>Bob Blakley (email: blakley@us.tivoli.com   phone: +1 512 436 1564)
>>Chief Scientist, Security and Privacy, Tivoli Systems, Inc.
>>
>>
>>Hal Lockhart <hal.lockhart@entegrity.com> on 08/24/2001 12:44:43 PM
>>
>>Please respond to Hal Lockhart <hal.lockhart@entegrity.com>
>>
>>To:   "'security-services@lists.oasis-open.org'"
>>      <security-services@lists.oasis-open.org>
>>cc:
>>Subject:  Object Element
>>
>>
>>
>>Someone else may have already spotted this, but more cleanup 
>>is required
>>around Object in core 0.15.
>>
>>QueryAbstractType still refers to Object, but in 
>>Authorization Decision
>>Assertion, Object has been eliminated and Resource and Action are now
>>independant elements.
>>
>>Hal
>>
>>----------------------------------------------------------------
>>To subscribe or unsubscribe from this elist use the subscription
>>manager: <http://lists.oasis-open.org/ob/adm.pl>
>>
>>
>>
>>----------------------------------------------------------------
>>To subscribe or unsubscribe from this elist use the subscription
>>manager: <http://lists.oasis-open.org/ob/adm.pl>
>>


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Powered by eList eXpress LLC