[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] modify assertion attributes.
> Yeah, but that argument could be used about every piece of data > within the assertion (they are all attributes of one form or another > anyway). Where does one draw the line? Somewhere other than where SAML draws it, at least syntactically. I definitely think the AuthnStatement concept is stupid, and so do most people approaching the spec from outside the process. > I think that SAML should, for all well defined data elements within > its area of control, define well defined locations for that data that > is not dependent upon some generic attribute element (e.g. having a > NameID element within Subject is the right thing to do - as opposed > to having a generic "NameID" attribute name that goes in a generic > AttributeStatement). I agree. But the same syntax should have been used, if possible, and protocols that purport to manipulate one should have been usable for the other. I don't have a particular technical proposal to make (as Brian said, it's too late), but it could be better than it is. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]