OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [saml-dev] Attribute equality during AttributeQuery

On 7/9/14, 5:54 AM, "Peter Major" <peter.major@forgerock.com> wrote:
>I feel that the NameFormat equality here is implicit as I assume you can
>only use the comparison rules once it is established that these
>attributes are using the same attribute NameFormat. Is that correct?

Not exactly; it's implicit because the NameFormat is already fixed by
those attribute profiles. If the NameFormat wasn't correct, you wouldn't
be governed by any of those sections to start with.

>The question is really:
>if I have locally my Attribute Authority configured to deal with
>Attribute queries against given NameFormat and Attribute name, then what
>should happen if I receive an AttributeQuery requesting the correct
>name, but without the NameFormat defined?

You shouldn't treat it as equivalent, strictly speaking.

>So I suppose if the configuration explicitly referred to the unspecified
>attrname-format then the two attributes should be considered equal,
>otherwise it should be handled as an "unrecognized" attribute, right?

That's defensible, yes.

The fact is that there is no use case for using any of the unspecified
constants. They're an interop copout and should have been left out of the
standard. Another argument I lost.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]