OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: NHIN Exchange <Subject> question


All,

This issue is highly important to the NHIN Exchange.  It is currently blocking a state health information exchange from joining the NHIN Exchange, and two vendors (perhaps more) are in a holding pattern depending on the authoritative resolution to this issue.  

What is the proper path for getting a consensus initial opinion and ultimately an authoritative statement on this (and some closely related) topics?

Would it be helpful if I provided revised SAML text intended to replace the existing text?

Eric Heflin
Dir of Standards and Interoperability
Medicity
THE Standard for Meaningful HIE.       
www.medicity.com
801.415.2672 (o)
801.674.2313 (m)
eheflin (Skype)


-----Original Message-----
From: Eric Heflin 
Sent: Friday, January 07, 2011 9:44 AM
To: 'Cantor, Scott E.'; saml-dev@lists.oasis-open.org
Subject: RE: NHIN Exchange <Subject> question

Scott,

Thanks for the fast response.

Here's the ambiguity: Since a SAML assertion can have multiple <Subject>s, the quoted text ambiguous since it is not clearly specifying which <Subject> is being referenced as being required.

-----Original Message-----
From: Cantor, Scott E. [mailto:cantor.2@osu.edu]
Sent: Friday, January 07, 2011 9:27 AM
To: Eric Heflin; saml-dev@lists.oasis-open.org
Subject: RE: NHIN Exchange <Subject> question

> Interpretation A (Only one <Subject> element is required): One 
> interpretation is that a SAML Assertion with an <AttributeStatement> 
> element does not need a <Subject> element -inside- any child 
> <Assertion> elements containing the <AttributeStatement>, but that 
> such a SAML Assertion does require a <Subject> element at the root 
> <Assertion>/<Subject> level.

That directly contradicts the text you're quoting.

>          <!-- Does not contain a subject, because there is one in the
>             encompassing assertion and this assertion is about the 
> same subject ->

There is no relationship between those assertions, so they certainly don't inherit anything between them.

> Interpretation B

That is the one that actually follows the text of the spec.

-- Scott



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]