[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [security-services] URNs for SAML spec identifiers
The SAML core spec draft (draft-sstc-core-25.pdf) specifies a number of URIs to identify protocol elements, including XML namespaces (eg lines 180 and 183) and other items such as confirmation methods (section 7.1, lines 1449 and following). These are currently http: URLs (acknowledged as temporary), but I suggest it would be better to use URNs in the urn:oasis namespace as defined in RFC 3121. I note that the DSML 2.0 document uses a base namespace of "urn:oasis:names:tc:DSML:2:0:core" and so is a good precedent. I suggest for SAML a base of: urn:oasis:names:tc:SAML:1.0 Even though the TC isn't named "SAML" it seems like this string would be both concise and well-understood. But Karl (I suppose) should make this call. Given the above, the assertion and protocol URNs could be: urn:oasis:names:tc:SAML:1.0:assertion urn:oasis:names:tc:SAML:1.0:protocol and perhaps the confirmation method identifiers could be: urn:oasis:names:tc:SAML:1.0:cm:artifact urn:oasis:names:tc:SAML:1.0:cm:holder-of-key etc. And the Action namespace identifiers in section 7.2 (lines 1520 etc) could be: urn:oasis:names:tc:SAML:1.0:action:rwedc etc. - RL "Bob"
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC