OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: Draft of profile for XACML-compatible SAML Attributes. Forwardedmessage from Eve L. Maler.


I think Eve's attached suggestion is good, and I have created
Draft 02 (attached) with the suggested change. For those of you
who haven't tried to tackle it yet, fear not: the content of this
Profile is only 22 lines of normative text.

Anne

--- Begin Message ---
I believe that, instead of the requirement for NameFormat:Name imposed 
in the first paragraph of Section 3, what you really want is something 
like this:

"A *SAML Attribute* to be used as input to an *XACML processor* SHALL 
have a NameFormat attribute value of 
'urn:oasis:names:tc:SAML:2.0:attname-format:uri'.  The value of the 
*SAML Attribute's* Name attribute SHALL be a URI reference that conforms 
to this name format and that is sufficient to distinguish instances of 
the given SAML Attribute from instances of other SAML or XACML 
Attributes that have different semantics. ..."

In other words, if you want to use a semantically distinguished URI as 
the SAML Attribute's name, SAML now lets you do this in a really clear 
way.  You simply need to indicate that the Name is intended to be a URI 
by using the appropriate NameFormat value (given above).

	Eve

Anne Anderson wrote:

> Attached is an initial draft of the Profile document that
> specifies the format for XACML-compatible SAML Attributes.  This
> Profile, once approved by the XACML TC, will be submitted to the
> SSTC for inclusion in the SAML 2.0 set of specifications.
> 
> The SAML attribute names - Name and NameFormat - are those used
> in the Rev 11 SAML 2.0 draft.
> 
> Comments invited.
> 
> Anne

-- 
Eve Maler                                        +1 781 442 3190
Sun Microsystems                            cell +1 781 354 9441
Web Products, Technologies, and Standards    eve.maler @ sun.com

--- End Message ---

-- 
Anne H. Anderson             Email: Anne.Anderson@Sun.COM
Sun Microsystems Laboratories
1 Network Drive,UBUR02-311     Tel: 781/442-0928
Burlington, MA 01803-0902 USA  Fax: 781/442-1692

XACML Profile of SAML V2.0 Attributes, Draft 02



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]