[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: Draft of profile for XACML-compatible SAML Attributes. Forwardedmessage from Eve L. Maler.
I think Eve's attached suggestion is good, and I have created Draft 02 (attached) with the suggested change. For those of you who haven't tried to tackle it yet, fear not: the content of this Profile is only 22 lines of normative text. Anne
--- Begin Message ---
- From: "Eve L. Maler" <Eve.Maler@Sun.COM>
- To: Anne.Anderson@Sun.COM
- Date: Thu, 13 May 2004 17:50:36 -0400
I believe that, instead of the requirement for NameFormat:Name imposed in the first paragraph of Section 3, what you really want is something like this: "A *SAML Attribute* to be used as input to an *XACML processor* SHALL have a NameFormat attribute value of 'urn:oasis:names:tc:SAML:2.0:attname-format:uri'. The value of the *SAML Attribute's* Name attribute SHALL be a URI reference that conforms to this name format and that is sufficient to distinguish instances of the given SAML Attribute from instances of other SAML or XACML Attributes that have different semantics. ..." In other words, if you want to use a semantically distinguished URI as the SAML Attribute's name, SAML now lets you do this in a really clear way. You simply need to indicate that the Name is intended to be a URI by using the appropriate NameFormat value (given above). Eve Anne Anderson wrote: > Attached is an initial draft of the Profile document that > specifies the format for XACML-compatible SAML Attributes. This > Profile, once approved by the XACML TC, will be submitted to the > SSTC for inclusion in the SAML 2.0 set of specifications. > > The SAML attribute names - Name and NameFormat - are those used > in the Rev 11 SAML 2.0 draft. > > Comments invited. > > Anne -- Eve Maler +1 781 442 3190 Sun Microsystems cell +1 781 354 9441 Web Products, Technologies, and Standards eve.maler @ sun.com--- End Message ---
-- Anne H. Anderson Email: Anne.Anderson@Sun.COM Sun Microsystems Laboratories 1 Network Drive,UBUR02-311 Tel: 781/442-0928 Burlington, MA 01803-0902 USA Fax: 781/442-1692
XACML Profile of SAML V2.0 Attributes, Draft 02
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]