Subject: Re: [saml-dev] Artifact Format

On 3/13/06, Scott Cantor <cantor.2@osu.edu> wrote:
> Yes, I could not find anything in the conformance doc also.

It's missing. The intent was that type 0x04 is MTI.

> So, I could define
> Artifact = [Typecode MyFooBar(nn)]
> Where TypeCode := 0x0100 (e..g)

No. All SAML 2.0 artifacts have an index field. The part after the index is

Furthermore, there isn't a formal registry of artifact type codes, which
means there is no guarantee you won't step on somebody else.

PKB: Agree. I think we should provide  a framework for provider defined types. That's for future discussion.

Finally, it's just generally a bad thing IMHO. What does your artifact do
that requires its own type?

PKB: In general I agree. The situation is little different for me - it is very limited circle with lots of security requirements (Can't go beyond that). One problem is you have to keep a map of artifact and to which user it was issued. This requires a database or other distributed mechanism when you have colos worldwide. I am exploring right now ...


-- Scott

