OASIS Mailing List Archives

security-services message



Subject: RE: [security-services] Attributes in SAML 2.0 and Alignment with SPML 1.0


Thanks for the clarification. Oddly, this specific comment is missing from
the version of your document I read ("Convention for Use of X.500/LDAP
Attribute Types in SAML") but I did rediscover it in some of our minutes.

- prateek

-----Original Message-----
From: RL 'Bob' Morgan [mailto:rlmorgan@washington.edu] 
Sent: Monday, March 15, 2004 8:17 PM
To: Mishra, Prateek
Cc: OASIS Security Services TC
Subject: Re: [security-services] Attributes in SAML 2.0 and Alignment with
SPML 1.0


On Mon, 15 Mar 2004, Mishra, Prateek wrote:

> I have received the suggestion that our treatment of attributes in SAML
> 2.0 be somewhat aligned with their treatment in SPML 1.0. As best as I
> can figure out, SPML 1.0 uses the DSML 2.0 elements <dsml:DsmlAttr> and
> <dsml:AttributeDescriptionValue> to represent X.500 attribute names and
> values as XML elements.
>
> Could anyone comment on the strengths and weaknesses of this approach?

This may be moot, but as regards attribute naming, as far as I can tell
DSML makes the naive assumption that attributes can be well-named by their
LDAP string descriptors (e.g., "cn").  This is really inadequate for reasons
I wrote about in my attribute-naming proposal document.

 - RL "Bob"

