OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Subject: Re: [xacml] [schema] replacement for SAML AssertionType



I'll agree with this assesment.
-Polar

On Tue, 23 Jul 2002, Anne Anderson wrote:

> For people operating in an X.509 Attribute Certificate
> environment, or supporting some kind of assertion format other
> than saml, it would be nice if XACML did not force people to
> support SAML.  Currently, we have the following saml artifacts:
>
>  - PolicySetAssertion and PolicyAssertion in PolicySetType are of type
>    saml:AssertionType
>
>  - PolicySetStatementType extends saml:StatementAbstractType
>  - PolicyStatementType extends saml:StatementAbstractType
>
> Why not define XACML:AssertionType as follows:
>
>         <complexType name="AssertionType">
>                 <sequence>
>                                 <element ref="xacml:PolicySetStatement"/>
>                                 <element ref="xacml:PolicyStatement"/>
>                 </sequence>
>                 <attribute name="MajorVersion" type="integer" use="optional"/>
>                 <attribute name="MinorVersion" type="integer" use="optional"/>
>                 <attribute name="AssertionID" type="xs:anyURI" use="optional"/>
>                 <attribute name="Issuer" type="string" use="optional"/>
>                 <attribute name="IssueInstant" type="dateTime" use="optional"/>
>         </complexType>
>
> And remove the "xs:extension base="saml:StatementAbstractType"
> from PolicySetStatementType and PolicyStatementType.
>
> Now, it is still very easy to map saml Assertions to XACML, it is
> easier to ensure that when we use an xacml:AssertionType that it
> is either a PolicySetStatement or a PolicyStatement, and it is no
> longer necessary to support SAML.
>
> Anne
> --
> Anne H. Anderson             Email: Anne.Anderson@Sun.COM
> Sun Microsystems Laboratories
> 1 Network Drive,UBUR02-311     Tel: 781/442-0928
> Burlington, MA 01803-0902 USA  Fax: 781/442-1692
>
>
> ----------------------------------------------------------------
> To subscribe or unsubscribe from this elist use the subscription
> manager: <http://lists.oasis-open.org/ob/adm.pl>
>



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Powered by eList eXpress LLC