[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [saml-dev] NameID-less SAML Subject
On Sun, Mar 2, 2008 at 2:51 PM, Scott Cantor <cantor.2@osu.edu> wrote: > > > Suppose I want to query an IdP and identify the subject with an X.509 > > certificate (not merely a DN). I'd be tempted to include the cert in > > a SubjectConfirmation element but the semantics aren't quite right. > > What is the correct way to do this? > > Define a BaseID extension for carrying a certificate as an identifier. Hmm, how would I use BaseIDAbstractType to define a container for ds:KeyInfo? <complexType name="KeyIdentifier"> <complexContent> <extension base="saml:BaseIDAbstractType"> <sequence> <element ref="ds:KeyInfo"/> </sequence> </extension> </complexContent> </complexType> Did I use BaseIDAbstractType correctly? Tom
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]