OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [saml-dev] NameID-less SAML Subject

On Sun, Mar 2, 2008 at 2:51 PM, Scott Cantor <cantor.2@osu.edu> wrote:
> > Suppose I want to query an IdP and identify the subject with an X.509
>  > certificate (not merely a DN).  I'd be tempted to include the cert in
>  > a SubjectConfirmation element but the semantics aren't quite right.
>  > What is the correct way to do this?
> Define a BaseID extension for carrying a certificate as an identifier.

Hmm, how would I use BaseIDAbstractType to define a container for ds:KeyInfo?

<complexType name="KeyIdentifier">
    <extension base="saml:BaseIDAbstractType">
        <element ref="ds:KeyInfo"/>

Did I use BaseIDAbstractType correctly?


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]