
security-core message



Subject: Assertion Structure Proposal



<Assertion>

   <!-- Basic tagging info -->
   <AssertionID>
   <RequestID>?
   <Issuer>
   <IssueDate>
   <ValidityInterval>

   <!-- The Assertion -->
   <Claim>
      <Authority>
         <Subject>+
            <Account> <Role>?
            <URI> | <ds:KeyInfo> | <Ticket> | <Bearer> | ANY 
         <Object>+
            <URI> | <ds:KeyInfo> | ANY
      
   <!-- Optional XTASS Control Elements -->
   <Conditions>          <!-- Discard any assertion carrying this element 
                              It is essentially a criticality flag -->
   <ReIssue>             <!-- Omit -->
   <Evidence>            <!-- Omit -->


The element <Bearer> is used to indicate that the party presenting the
assertion has been authenticated as the subject.

ANY indicates a private extension schema in its own name space.


We also need a query syntax, something like


<AssertionRequest>

   <!-- Basic tagging info -->
   <RequestID>
   <Requestor>?
   <IssueDate>?
   <ValidityInterval>?

   <!-- The Assertion -->
   <Query>
      <Authority>
         <Subject>+
            <Account> <Role>?
            <URI> | <ds:KeyInfo> | <Ticket>  | ANY 
         <Object>+
            <URI> | <ds:KeyInfo> | ANY

   <Respond>


Phillip Hallam-Baker
Principal Scientist
VeriSign Inc.
pbaker@verisign.com
781 245 6996 x227
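
How a relying party might apply the proposed structure, as an added example that is not part of the original message: it rejects any assertion carrying `<Conditions>`, checks the validity interval, and requires at least one `<Subject>` and one `<Object>`. The `NotBefore`/`NotAfter` children of `<ValidityInterval>`, the timestamp format, the sample values and the function name `check_assertion` are assumptions; the proposal does not define them.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

# Constructed sample instance. Element names come from the proposal; the
# NotBefore/NotAfter children and every value here are assumptions.
SAMPLE = """<Assertion>
  <AssertionID>a-001</AssertionID>
  <Issuer>issuer.example</Issuer>
  <IssueDate>2001-01-10T12:00:00Z</IssueDate>
  <ValidityInterval>
    <NotBefore>2001-01-10T12:00:00Z</NotBefore>
    <NotAfter>2001-01-10T13:00:00Z</NotAfter>
  </ValidityInterval>
  <Claim><Authority>
    <Subject><Account>alice</Account><Role>buyer</Role><Bearer/></Subject>
    <Object><URI>https://shop.example/orders</URI></Object>
  </Authority></Claim>
</Assertion>"""

REQUIRED = ("AssertionID", "Issuer", "IssueDate", "ValidityInterval", "Claim")

def _ts(text):
    return datetime.strptime(text.strip(), "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def check_assertion(xml_text, now):
    """Return (accepted, detail) for one <Assertion> document; fails closed."""
    root = ET.fromstring(xml_text)
    if root.tag != "Assertion":
        return False, "not an Assertion"
    # Criticality rule from the proposal: discard anything carrying <Conditions>.
    if root.find("Conditions") is not None:
        return False, "carries <Conditions>"
    missing = [t for t in REQUIRED if root.find(t) is None]
    if missing:
        return False, "missing " + ",".join(missing)
    vi = root.find("ValidityInterval")
    try:
        start, end = _ts(vi.findtext("NotBefore", "")), _ts(vi.findtext("NotAfter", ""))
    except ValueError:
        return False, "unparseable validity interval"
    if not (start <= now <= end):
        return False, "outside validity interval"
    auth = root.find("Claim/Authority")
    if auth is None or not auth.findall("Subject") or not auth.findall("Object"):
        return False, "claim needs Subject+ and Object+"
    subjects = [(s.findtext("Account"), s.find("Bearer") is not None)
                for s in auth.findall("Subject")]
    objects = [o.findtext("URI") for o in auth.findall("Object")]
    return True, {"subjects": subjects, "objects": objects}
```

Each subject is returned as `(account, bearer_flag)`, so a caller can tell whether the issuer marked the presenter as already authenticated.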



