
security-services message



Subject: New versions of Shared Credential specs & schemas


Colleagues, I've uploaded a (nother) bunch of revisions for the various 
pieces of the Shared Credential topic - primarily reflecting mods we 
introduced to address issues we found with how we were modelling schemas 
for the Authentication Context schema and classes.

In short, because core AC schema defines a single multi-occurrence 
<Extension> element, constraining this element to MUST have particular 
content (as we were trying) imposes the same requirement on every 
occurrence of the element in other places in the AC XML structure. We 
avoid this now by, for our two class schemas, separately

a) stipulating that there MUST be an <Extension> element in the 
<PrincipalAuthenticationMechanism>
b) stipulating appropriate values for the content of the 
<SharedCredential> element within the above <Extension>

We fall back on prose to force the <Extension> to have a child 
<SharedCredential> element.

I'll try to make sense of the various docs here.

The <RequestedACCombinations> protocol extension is defined in [1] 
(redlined version at [7]) with accompanying schema in [2]

The <SharedCredential> Authentication Context extension is defined in 
[3] (redlined version at [8]) with accompanying schema in [4].

Additionally, [3] introduces two new AC classes and associated URIs that 
differentiate based on the AC extension (the two associated schemas for 
these AC classes are [5] & [6].)

Regards

Ashish & Paul

---------------------------------------------------------

Document Links

[1] - 
http://www.oasis-open.org/apps/org/workgroup/security/document.php?document_id=20212 


[2]- 
http://www.oasis-open.org/apps/org/workgroup/security/document.php?document_id=20211

[3]- 
http://www.oasis-open.org/apps/org/workgroup/security/document.php?document_id=20213

[4]- 
http://www.oasis-open.org/apps/org/workgroup/security/document.php?document_id=20217

[5]- 
http://www.oasis-open.org/apps/org/workgroup/security/document.php?document_id=20209

[6]- 
http://www.oasis-open.org/apps/org/workgroup/security/document.php?document_id=20210

[7] - 
http://www.oasis-open.org/apps/org/workgroup/security/document.php?document_id=20215

[8] - 
http://www.oasis-open.org/apps/org/workgroup/security/document.php?document_id=20216 


-- 
Paul Madsen             e:paulmadsen @ ntt-at.com
NTT                     p:613-482-0432
                        m:613-302-1428
                        aim:PaulMdsn5
                        web:connectid.blogspot.com 
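
Added example, not part of the original message or of the referenced specs: because the child-element rule is left to prose, a consumer of an Authentication Context declaration has to enforce it in code. The sketch below checks only the direct `<Extension>` children of `<PrincipalAuthenticationMechanism>` and leaves every other `<Extension>` unconstrained. The `SC_NS` namespace, the `sc:Other` element and the simplified, non-schema-validated sample documents are assumptions made up for illustration.

```python
import xml.etree.ElementTree as ET

AC_NS = "urn:oasis:names:tc:SAML:2.0:ac"             # SAML 2.0 AC core schema namespace
SC_NS = "urn:example:shared-credential-placeholder"  # assumed placeholder, not from the specs

def shared_credential_problems(decl_xml):
    """Return rule violations for one AC declaration; an empty list means it passes."""
    root = ET.fromstring(decl_xml)
    pam = root.find(f".//{{{AC_NS}}}PrincipalAuthenticationMechanism")
    if pam is None:
        return ["no PrincipalAuthenticationMechanism"]
    # Only Extension elements that are direct children of the mechanism are
    # constrained; Extension occurrences elsewhere stay free-form.
    extensions = pam.findall(f"{{{AC_NS}}}Extension")
    if not extensions:
        return ["PrincipalAuthenticationMechanism has no Extension"]
    if not any(e.find(f"{{{SC_NS}}}SharedCredential") is not None for e in extensions):
        return ["no Extension in the mechanism has a SharedCredential child"]
    return []

def make_decl(mechanism_body, method_body=""):
    """Build a constructed sample declaration around the given fragments."""
    return (f'<ac:AuthenticationContextDeclaration xmlns:ac="{AC_NS}" xmlns:sc="{SC_NS}">'
            f'<ac:AuthnMethod><ac:PrincipalAuthenticationMechanism>{mechanism_body}'
            f'</ac:PrincipalAuthenticationMechanism>{method_body}</ac:AuthnMethod>'
            f'</ac:AuthenticationContextDeclaration>')

# Constructed samples (the sc:Other element and all content are invented).
CONFORMING = make_decl("<ac:Extension><sc:SharedCredential/></ac:Extension>",
                       "<ac:Extension><sc:Other/></ac:Extension>")
NO_EXTENSION = make_decl("<ac:Password/>",
                         "<ac:Extension><sc:SharedCredential/></ac:Extension>")
WRONG_CHILD = make_decl("<ac:Extension><sc:Other/></ac:Extension>")

if __name__ == "__main__":
    for name, doc in [("conforming", CONFORMING), ("no extension", NO_EXTENSION),
                      ("wrong child", WRONG_CHILD)]:
        print(name, "->", shared_credential_problems(doc) or "ok")
```

The second sample shows why the placement matters: a `<SharedCredential>` inside an `<Extension>` at the `<AuthnMethod>` level does not satisfy the rule.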


