RE: [security-services] New Issue: AssertionID/ WSS Direct referencecompatability

[Scott Cantor <cantor.2@osu.edu>]

> I think this is a case where revisiting this issue in a couple of months,
> will likely prevent SAML and the STP from defining short-lived
> accomodations just as the path to a more permanent solution becomes
> evident and available.

The problem is the strictness of XML is such that we're kind of stuck. We
can't do what we want yet, and if we decide to continue defining our own ID,
we can't change it later without making an incompatible change. It becomes a
SAML 3.0 step to move to xml:id.

The real complaint I have is that this is self-inflicted. The proper way to
locate an element based on an ID is not by relying on the name of the
attribute. That's a serious mistake in XML processing. There are ways now to
establish ID-ness without relying on validation, so whatever argument was
made as to why this was needed is a mystery to me.

-- Scott