OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [security-services] Attributes in SAML 2.0 and Alignment with SPML 1.0


Prateek,
 
You are correct that SPML 1.0 builds on DSML 2.0 and uses DSML 2.0 attributes for the same purpose as SAML attributes. This path was originally taken to achieve some level of "standards reuse". Originally the idea was that SPML would be nothing more than DSML with a few enhanced that are needed to solve certain provisioning problems. In reality SPML diverged farther from DSML than was originally intended and one point there was consideration of not using DSML at all in SPML. 
 
SAML atttributes are already almost identical to SPML attributes in function already, so I don't think any changes would be needed. The only functional difference between the two is that SAML attributes have an explict namespace for the attribute name, where as in SPML there is just the attribute name that could be a URI that included a namespace if desired.
 
Jeff Bohren
OpenNetwork Technologies
 
 

	-----Original Message----- 
	From: Mishra, Prateek [mailto:pmishra@netegrity.com] 
	Sent: Mon 3/15/2004 2:20 PM 
	To: security-services@lists.oasis-open.org 
	Cc: 
	Subject: [security-services] Attributes in SAML 2.0 and Alignment with SPML 1.0
	
	

	I have received the suggestion that our treatment of attributes in SAML 2.0
	be somewhat aligned with their treatment in SPML 1.0. As best as I can
	figure out, SPML 1.0 uses the DSML 2.0 elements <dsml:DsmlAttr> and
	<dsml:AttributeDescriptionValue> to represent X.500 attribute names and
	values as XML elements.
	
	Could anyone comment on the strengths and weaknesses of this approach?
	
	To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/security-services/members/leave_workgroup.php.
	
	



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]