[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [security-editors] Core-21 for the doc repository
Yikes! It's been so long that I've dealt with this, I actually forgot the correct address. >Date: Mon, 10 Dec 2001 15:24:19 -0500 >From: "Eve L. Maler" <eve.maler@sun.com> >Subject: Core-21 >To: security-services@lists.oasis-open.org, >security-editor@lists.oasis-open.org >Cc: eve.maler@sun.com, pbaker@verisign.com > >Attached are the core-21 draft and the two schemas. > >Phill kindly let me "own" core-21 after he put in the agreed-to technical >changes, and I did a bunch of editorial things to it. You'll find that >the overall "look" (and, somewhat, the organization) of the core draft has >changed to match the other specs more closely. My goal was to stick to >changes that were technically neutral (for example, there is still a >notion of single/multiple assertions); if you find any instances where I >accidentally changed a meaning, let me know. > >I will separately be making a bunch of substantive comments/questions, >hopefully before tomorrow's meeting so that we can discuss and decide on >some of them. I believe I'll have time to do a core-22 before I go on >vacation December 13-18 if such is required, and Phill will return from >his IETF meeting after next week, so that will be the handoff point. > > Eve > > > > > >-- >Eve Maler +1 781 442 3190 >Sun Microsystems XML Technology Center eve.maler @ sun.com
<?xml version="1.0" encoding="UTF-8"?>
<!-- edited with XML Spy v3.5 NT (http://www.xmlspy.com) by Phill Hallam-Baker (VeriSign Inc.) -->
<schema
targetNamespace="http://www.oasis-open.org/committees/security/docs/draft-sstc-schema-protocol-21.xsd"
xmlns="http://www.w3.org/2001/XMLSchema"
xmlns:samlp="http://www.oasis-open.org/committees/security/docs/draft-sstc-schema-protocol-21.xsd"
xmlns:saml="http://www.oasis-open.org/committees/security/docs/draft-sstc-schema-assertion-21.xsd"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
elementFormDefault="unqualified">
<import namespace="http://www.oasis-open.org/committees/security/docs/draft-sstc-schema-assertion-21.xsd"
schemaLocation="draft-sstc-schema-assertion-21.xsd"/>
<import namespace="http://www.w3.org/2000/09/xmldsig#"
schemaLocation="xmldsig-core-schema.xsd"/>
<annotation>
<documentation>draft-sstc-schema-protocol-21.xsd</documentation>
</annotation>
<simpleType name="CompletenessSpecifierType">
<restriction base="string">
<enumeration value="Partial"/>
<enumeration value="AllOrNone"/>
</restriction>
</simpleType>
<simpleType name="StatusCodeType">
<restriction base="string">
<enumeration value="Success"/>
<enumeration value="Failure"/>
<enumeration value="Error"/>
<enumeration value="Unknown"/>
</restriction>
</simpleType>
<complexType name="RequestAbstractType" abstract="true">
<attribute name="RequestID" type="saml:IDType" use="required"/>
<attribute name="MajorVersion" type="integer" use="required"/>
<attribute name="MinorVersion" type="integer" use="required"/>
</complexType>
<element name="Request" type="samlp:RequestType"/>
<complexType name="RequestType">
<complexContent>
<extension base="samlp:RequestAbstractType">
<choice>
<element ref="samlp:Query"/>
<element ref="samlp:SubjectQuery"/>
<element ref="samlp:AuthenticationQuery"/>
<element ref="samlp:AttributeQuery"/>
<element ref="samlp:AuthorizationQuery"/>
<element ref="saml:AssertionID" maxOccurs="unbounded"/>
<element ref="samlp:AssertionArtifact" maxOccurs="unbounded"/>
</choice>
</extension>
</complexContent>
</complexType>
<element name="AssertionArtifact" type="string"/>
<element name="Query" type="samlp:QueryAbstractType"/>
<complexType name="QueryAbstractType" abstract="true"/>
<element name="SubjectQuery" type="samlp:SubjectQueryAbstractType"/>
<complexType name="SubjectQueryAbstractType" abstract="true">
<complexContent>
<extension base="samlp:QueryAbstractType">
<sequence>
<element ref="saml:Subject"/>
</sequence>
</extension>
</complexContent>
</complexType>
<element name="AuthenticationQuery" type="samlp:AuthenticationQueryType"/>
<complexType name="AuthenticationQueryType">
<complexContent>
<extension base="samlp:SubjectQueryAbstractType">
<sequence>
<element ref="saml:ConfirmationMethod" minOccurs="0"/>
</sequence>
</extension>
</complexContent>
</complexType>
<element name="AttributeQuery" type="samlp:AttributeQueryType"/>
<complexType name="AttributeQueryType">
<complexContent>
<extension base="samlp:SubjectQueryAbstractType">
<sequence>
<element ref="saml:AttributeDesignator"
minOccurs="0" maxOccurs="unbounded"/>
</sequence>
<attribute name="CompletenessSpecifier"
type="samlp:CompletenessSpecifierType" use="required"/>
</extension>
</complexContent>
</complexType>
<element name="AuthorizationQuery" type="samlp:AuthorizationQueryType"/>
<complexType name="AuthorizationQueryType">
<complexContent>
<extension base="samlp:SubjectQueryAbstractType">
<sequence>
<element ref="saml:Actions"/>
<element ref="saml:Evidence"
minOccurs="0" maxOccurs="unbounded"/>
</sequence>
<attribute name="Resource" type="anyURI"/>
</extension>
</complexContent>
</complexType>
<complexType name="ResponseAbstractType" abstract="true">
<attribute name="ResponseID" type="saml:IDType" use="required"/>
<attribute name="InResponseTo" type="saml:IDType" use="required"/>
<attribute name="MajorVersion" type="integer" use="required"/>
<attribute name="MinorVersion" type="integer" use="required"/>
</complexType>
<element name="Response" type="samlp:ResponseType"/>
<complexType name="ResponseType">
<complexContent>
<extension base="samlp:ResponseAbstractType">
<choice minOccurs="0" maxOccurs="unbounded">
<element ref="saml:Assertion"/>
<element ref="saml:SingleAssertion"/>
<element ref="saml:MultipleAssertion"/>
</choice>
<attribute name="StatusCode"
type="samlp:StatusCodeType" use="required"/>
</extension>
</complexContent>
</complexType>
</schema>
<?xml version="1.0" encoding="UTF-8"?>
<!-- edited with XML Spy v3.5 NT (http://www.xmlspy.com) by Phill Hallam-Baker (VeriSign Inc.) -->
<schema
targetNamespace="http://www.oasis-open.org/committees/security/docs/draft-sstc-schema-assertion-21.xsd"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:saml="http://www.oasis-open.org/committees/security/docs/draft-sstc-schema-assertion-21.xsd"
xmlns="http://www.w3.org/2001/XMLSchema"
elementFormDefault="unqualified">
<import namespace="http://www.w3.org/2000/09/xmldsig#"
schemaLocation="xmldsig-core-schema.xsd"/>
<annotation>
<documentation>draft-sstc-schema-assertion-21.xsd</documentation>
</annotation>
<element name="AssertionID" type="saml:IDType"/>
<simpleType name="IDType">
<restriction base="string"/>
</simpleType>
<simpleType name="DecisionType">
<restriction base="string">
<enumeration value="Permit"/>
<enumeration value="Deny"/>
<enumeration value="Indeterminate"/>
</restriction>
</simpleType>
<element name="Assertion" type="saml:AssertionAbstractType"/>
<complexType name="AssertionAbstractType" abstract="true">
<sequence>
<element ref="saml:Conditions" minOccurs="0"/>
<element ref="saml:Advice" minOccurs="0"/>
</sequence>
<attribute name="MajorVersion" type="integer" use="required"/>
<attribute name="MinorVersion" type="integer" use="required"/>
<attribute name="AssertionID" type="saml:IDType" use="required"/>
<attribute name="Issuer" type="string" use="required"/>
<attribute name="IssueInstant" type="dateTime" use="required"/>
</complexType>
<element name="SingleAssertion" type="saml:SingleAssertionType"/>
<complexType name="SingleAssertionType">
<complexContent>
<extension base="saml:AssertionAbstractType">
<choice>
<element ref="saml:Statement"/>
<element ref="saml:SubjectStatement"/>
<element ref="saml:AuthenticationStatement"/>
<element ref="saml:AuthorizationStatement"/>
<element ref="saml:AttributeStatement"/>
</choice>
</extension>
</complexContent>
</complexType>
<element name="MultipleAssertion" type="saml:MultipleAssertionType"/>
<complexType name="MultipleAssertionType">
<complexContent>
<extension base="saml:AssertionAbstractType">
<choice minOccurs="0" maxOccurs="unbounded">
<element ref="saml:Statement"/>
<element ref="saml:SubjectStatement"/>
<element ref="saml:AuthenticationStatement"/>
<element ref="saml:AuthorizationStatement"/>
<element ref="saml:AttributeStatement"/>
</choice>
</extension>
</complexContent>
</complexType>
<element name="AssertionSpecifier" type="saml:AssertionSpecifierType"/>
<complexType name="AssertionSpecifierType">
<choice>
<element ref="saml:AssertionID"/>
<element ref="saml:Assertion"/>
<element ref="saml:SingleAssertion"/>
<element ref="saml:MultipleAssertion"/>
</choice>
</complexType>
<element name="Statement" type="saml:StatementAbstractType"/>
<complexType name="StatementAbstractType" abstract="true"/>
<element name="SubjectStatement" type="saml:SubjectStatementAbstractType"/>
<complexType name="SubjectStatementAbstractType" abstract="true">
<complexContent>
<extension base="saml:StatementAbstractType">
<sequence>
<element ref="saml:Subject"/>
</sequence>
</extension>
</complexContent>
</complexType>
<element name="Subject" type="saml:SubjectType"/>
<complexType name="SubjectType">
<choice maxOccurs="unbounded">
<element ref="saml:NameIdentifier"/>
<element ref="saml:SubjectConfirmation"/>
<element ref="saml:AssertionSpecifier"/>
</choice>
</complexType>
<element name="SubjectConfirmation" type="saml:SubjectConfirmationType"/>
<complexType name="SubjectConfirmationType">
<sequence>
<element ref="saml:ConfirmationMethod" maxOccurs="unbounded"/>
<element name="SubjectConfirmationData" type="string" minOccurs="0"/>
<element ref="ds:KeyInfo" minOccurs="0"/>
</sequence>
<!-- Need to modify this element-->
</complexType>
<element name="NameIdentifier" type="saml:NameIdentifierType"/>
<complexType name="NameIdentifierType">
<attribute name="SecurityDomain" type="string"/>
<attribute name="Name" type="string"/>
</complexType>
<element name="ConfirmationMethod" type="anyURI"/>
<element name="AuthenticationStatement"
type="saml:AuthenticationStatementType"/>
<complexType name="AuthenticationStatementType">
<complexContent>
<extension base="saml:SubjectStatementAbstractType">
<sequence>
<element ref="saml:AuthenticationLocality" minOccurs="0"/>
</sequence>
<attribute name="AuthenticationMethod" type="anyURI"/>
<attribute name="AuthenticationInstant" type="dateTime"/>
</extension>
</complexContent>
</complexType>
<element name="AuthenticationLocality"
type="saml:AuthenticationLocalityType"/>
<complexType name="AuthenticationLocalityType">
<attribute name="IPAddress" type="string" use="optional"/>
<attribute name="DNSAddress" type="string" use="optional"/>
</complexType>
<element name="AuthorizationStatement"
type="saml:AuthorizationStatementType"/>
<complexType name="AuthorizationStatementType">
<complexContent>
<extension base="saml:SubjectStatementAbstractType">
<sequence>
<element ref="saml:Actions"/>
<element ref="saml:Evidence"
minOccurs="0" maxOccurs="unbounded"/>
</sequence>
<attribute name="Resource" type="anyURI" use="optional"/>
<attribute name="Decision"
type="saml:DecisionType" use="optional"/>
</extension>
</complexContent>
</complexType>
<element name="Actions" type="saml:ActionsType"/>
<complexType name="ActionsType">
<sequence>
<element ref="saml:Action" maxOccurs="unbounded"/>
</sequence>
<attribute name="Namespace" type="anyURI" use="optional"/>
</complexType>
<element name="Action" type="string"/>
<element name="Evidence" type="saml:AssertionSpecifierType"/>
<element name="AttributeStatement" type="saml:AttributeStatementType"/>
<complexType name="AttributeStatementType">
<complexContent>
<extension base="saml:SubjectStatementAbstractType">
<sequence>
<element ref="saml:Attribute" maxOccurs="unbounded"/>
</sequence>
</extension>
</complexContent>
</complexType>
<element name="AttributeDesignator" type="saml:AttributeDesignatorType"/>
<complexType name="AttributeDesignatorType">
<attribute name="AttributeName" type="string"/>
<attribute name="AttributeNamespace" type="anyURI"/>
</complexType>
<element name="Attribute" type="saml:AttributeType"/>
<complexType name="AttributeType">
<complexContent>
<extension base="saml:AttributeDesignatorType">
<sequence>
<element ref="saml:AttributeValue"/>
</sequence>
</extension>
</complexContent>
</complexType>
<element name="AttributeValue" type="saml:AttributeValueType"/>
<complexType name="AttributeValueType">
<sequence>
<any namespace="##any" processContents="lax"
minOccurs="0" maxOccurs="unbounded"/>
</sequence>
</complexType>
<element name="Conditions" type="saml:ConditionsType"/>
<complexType name="ConditionsType">
<choice minOccurs="0" maxOccurs="unbounded">
<element ref="saml:Condition"/>
<element ref="saml:AudienceRestrictionCondition"/>
</choice>
<attribute name="NotBefore" type="dateTime" use="optional"/>
<attribute name="NotOnOrAfter" type="dateTime" use="optional"/>
</complexType>
<element name="Condition" type="saml:ConditionAbstractType"/>
<complexType name="ConditionAbstractType" abstract="true"/>
<element name="AudienceRestrictionCondition"
type="saml:AudienceRestrictionConditionType"/>
<complexType name="AudienceRestrictionConditionType">
<complexContent>
<extension base="saml:ConditionAbstractType">
<sequence>
<element ref="saml:Audience"
minOccurs="1" maxOccurs="unbounded"/>
</sequence>
</extension>
</complexContent>
</complexType>
<element name="Audience" type="anyURI"/>
<element name="Advice" type="saml:AdviceType"/>
<complexType name="AdviceType">
<sequence>
<choice minOccurs="0" maxOccurs="unbounded">
<element ref="saml:AssertionSpecifier"/>
<element ref="saml:AdviceElement"/>
<any namespace="##other" processContents="lax"/>
</choice>
</sequence>
</complexType>
<element name="AdviceElement" type="saml:AdviceAbstractType"/>
<complexType name="AdviceAbstractType"/>
</schema>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC