RE: [saml-dev] Does an Authentication Context URN actually reference an XML file?

["Costello, Roger L." <costello@mitre.org>]

Now I'm confused.  Did I misinterpret your previous statement?  I
thought that you said that the URN in <AuthnContextClassRef> is not to
be interpreted other than to indicate that some XML instance document
somewhere is schema-valid?  Isn't that what you are saying here:

... "the actual declaration instance, should it be known, is
schema-valid with respect to the schema associated with that class
URN".

So, if the URN in <AuthnContextClassRef> has no semantic meaning, then
there must be a URL to an XML file that I (the Relying Party) can read
to get details on the context for authentication.  Yes?  

/Roger

-----Original Message-----
From: Scott Cantor [mailto:cantor.2@osu.edu] 
Sent: Thursday, May 04, 2006 12:03 PM
To: Costello, Roger L.; saml-dev@lists.oasis-open.org
Subject: RE: [saml-dev] Does an Authentication Context URN actually
reference an XML file?

> Thanks again Scott.  Then, would it be fair to say that an 
> assertion that contains just an <AuthnContextClassRef> is 
> fairly useless:

Not at all. I think what people care about is the generality, not the
specifics. They just want to know that the "right sort of stuff"
happened.
Even when they're confused or mistaken about whether it matters.

If anything, I think the declaration stuff borders on useless simply
because
it's impractical. I don't know what I would do with it.

But all things considered, the classes IMHO focus too much on
technology,
when what matters is processes.

-- Scott