[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: Schema corrections in SAML token profile 1.1 draft-01
thanks Scott, I will make the corrections in the next draft. Ron Scott Cantor wrote: > Reviewing the public review Draft 01, 28 June 2005, there are some small > errors in the usage of the KeyInfoConfirmationDataType introduced in SAML > 2.0. > > Some of this is just editorial, but the XML usage itself is also incorrect > and would not validate against the SAML 2.0 assertion schema. There's > nothing really normative here for the profile itself, I'm just correcting > the examples so nobody is doing the wrong thing on the wire. > > Lines 234-236 discuss the new mechanism for including a key-based > confirmation, I suggest rewording as follows: > > "In the case of a key dependent confirmation method, a complex schema type, > saml2:KeyInfoConfirmationDataType, that includes 1 or more <ds:KeyInfo> > elements, can be specified as the xsi:type of the > <saml2:SubjectConfirmationData> element." > > The original wording seems to show the data type as an element name (inside > <> symbols) which isn't correct. It's merely a type, not an element. > > In the example at line 254, it needs to be corrected to: > > <SubjectConfirmationData xsi:type="saml2:KeyInfoConfirmationDataType">"> > ... > </SubjectConfirmationData> > > The "xsi" prefix may need to be bound in the examples if you want to be > strictly correct. > > Again, there is no actual <saml2:KeyInfoConfirmationData> element defined in > SAML 2.0 because we blocked the use of substitution groups in various places > to more precisely establish the exact element names that would appear in > extension points. > > This same correction applies to examples at lines 813 and 1022. > > -- Scott > --
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]