[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Moving subjects up to assertions (disregardfirst reply)
Per the focus call, I'll offer my proposal as an alternative and obviously encourage others to do so if they don't like Eve's or mine. Basically I advocate making <Subject> optional in the existing core-07 schema proposal, which has factored it up to <Assertion> level. That is the extent of my proposal's schema change. I would then add language to the spec for the existing three statement types plus any future subject-based statement extensions that basically says something like: "An assertion containing such a statement MUST contain a <Subject> element as defined by sec. XX. If a <Subject> is not provided, then any such statements are invalid and MUST be ignored. This <Subject> element applies to all such statements in the assertion. Any other statements MUST define their relationship to the <Subject> element, if any." Wordsmithed as need be, but that's the gist. I would even be fine with adding <SubjectStatement> back in and having it merely hold SessionIndex, and then derive our statements off it. Then all the language goes in there, which makes things easier. Not sure if the notion of session makes sense without a <Subject>, but I doubt it. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]