[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [security-services] ISSUE: Format attribute for Issuer also
> > So I suggest (as an ISSUE) that the schema for Issuer be modified to > > permit the inclusion of the "Format" attribute for it too > > (sorry my schema > > skills are limited, so I can't suggest the mod). > > I disagree. As it stands, the <Issuer> element refers to a pre-defined > relationship between the asserting party and the relying party. The > only reasonable thing to do with this field is for the relying party > to look it up in a table - there should be no need to parse it in any > way. "Look it up in a table" implies rules about matching of values, which is probably the main thing a format spec gives you (or it should). Does Issuer "foo.bar.com" match Issuer "FOO.BAR.COM"? Does Issuer "foo.bar.com" match Issuer "foo.bar.com."? Etc. We could say that "string" means binary match, but that would be counter-intuitive for those name forms, such as DNS names and X.500 DNs, that have existing matching rules. - RL "Bob"
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC