RE: [security-services] Groups - draft-saml-requesting-attributes-extension-v1.0.pdf uploaded

["Cantor, Scott" <cantor.2@osu.edu>]

> The proposal was previously submitted and presented by my colleague Mert
> Aybat, and the current document version aims to integrate all the comments
> received at that time. The older email threads related to this topic can be
> found here: http://markmail.org/message/bjqll753qnbp4kkr &
> http://markmail.org/message/zzbopgn37nvisoj3 .
> 
> Looking forward to your feedback.

This draft seems to be defining a new element that essentally duplicates the existing md:RequestedAttribute element, and that's a bad idea, due to confusion if nothing else. Instead, I would simply define a new wrapper element, perhaps <req-attr:RequestedAttributes> and define it as a sequence of zero or more <md:RequestedAttribute> elements.

That gives us insulation within the Extensions element but reuses the schema we already have.

The other comment is that the Conformance section is a bit off the track, but I can do a draft with appropriate wording once this is in a real OASIS template. It's really just boilerplate and I know what it needs to say. Basically the trick to the wording is saying "An SP is conformant to this profile if it has the ability to..." and so forth.

-- Scott