Subject: RE: [security-services] Re: Attribute Sharing Profile for X.509 Authentication-Based Systems (Draft-12)
That looks good to me -- Tom?

::Ari

> -----Original Message-----
> From: Scott Cantor [mailto:cantor.2@osu.edu]
> Sent: Wednesday, March 28, 2007 12:15 PM
> To: 'Tom Scavo'; 'OASIS SSTC'
> Subject: RE: [security-services] Re: Attribute Sharing Profile for X.509
> Authentication-Based Systems (Draft-12)
>
> > I'm still not clear on how best to reword this. Scott, would you mind
> > taking a crack at this? Here's how it stands now:
> >
> > ---------------------
> > The service provider and identity provider MAY use metadata in support
> > of this deployment profile for locating endpoints, communicating key
> > information, and so on. If SAML V2.0 metadata is used, the
> > <md:AttributeAuthorityDescriptor> element defined by the SAML metadata
> > specification [SAMLMeta] and the query:AttributeQueryDescriptorType
> > complex type defined by the SAML metadata extension specification
> > [SAMLMeta-Ext] SHOULD be used with this deployment profile.
> > ---------------------
>
> Here's a suggested change:
>
> ---------------------
> The service provider and identity provider MAY use metadata in support of
> this deployment profile for locating endpoints, communicating key
> information, and so on. If SAML V2.0 metadata is used, the identity provider
> SHOULD use the <md:AttributeAuthorityDescriptor> element defined by the
> SAML metadata specification [SAMLMeta]. The server provider SHOULD use the
> query:AttributeQueryDescriptorType complex type defined by the SAML metadata
> extension specification [SAMLMeta-Ext], or it MAY use the
> <md:SPSSODescriptor> element defined by SAML metadata specification
> [SAMLMeta] if it also offers profile support consistent with that element.
> Other role types defined in future specifications MAY be used in conjunction
> with this profile, subject to agreement by the parties.
> ---------------------
>
> If you want to leave out the future proofing, let me know and I'll reword it
> stronger.
>
> -- Scott