Subject: RE: [security-services] Addition of more wildcarding
> Making ID optional in the schema could allow for using other
> xsd:ID based identifiers, like wsu:ID. We could "STRONGLY
> RECOMMEND" the use of the SAML-defined IDs in prose, but
> allow these others.

We thought about that a couple of weeks ago, but as Greg and others noted, it would be horrible to need to know up front that wsu:Id was needed. An authority shouldn't have to know its assertions will be used in a particular way. That's the basic problem with wsu:Id, but xml:id doesn't have that problem.

OTOH, making ID optional would *enable* cases that did know up front to work better with WSS if the 2.0 STP allowed for that case.

But again, my concern is the interoperability of 2.0. I think we risk a lot by not mandating use of our ID with 2.0 (even if it's optional in the schema) unless we're very explicit about people having to support the alternatives.

Put another way, validation of SAML 2.0 in general would basically require me to embed support for the wsu schema in case somebody used it. At which point why don't we just give in and replace our ID with theirs? And that's such a crazy requirement...

-- Scott