[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] XPath Attribute Profile
On Wed, 2005-06-01 at 11:38 -0400, Conor P. Cahill wrote: > > So, why are we profiling this to be xpath based? Why not? > > I would think a better solution would be along the lines of: > > <saml:attribute name="urn:liberty:id-sis-pp:2003_08" ... > <saml:AttributeValue> > Normal PP Query results formatted data goes here > </saml:AttributeValue> > </saml:Attribute> > > That way the IdP is able to just copy what it got back from PP (or > what it would have generated for its PP interface if it was the PP as > well) and it works generically for any service. > > So, to clarify, I'm proposing that we: > * name the attribute using the namespace (or, prerhaps the > schema) for the service > * place service document into the attribute value rather than > making this look like single valued attribute. > Conor All day we've explored different ways of solving the same use cases. I'm certainly open to discuss them. However, I do not understand what is broken or wrong with the current proposal. All these things aside, Greg Whitehead helped identity something we will need to change with the current proposal. We will need a new revision of the document, so we have plenty of time to discuss other options. If Greg doesn't send out the details, I'll send out details tomorrow. - Cameron
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]