OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services-comment message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Public Comment

Comment from: Vivian.Li@uk.fujitsu.com

Dear TC members,

I appreciate that many new definitions and protocols have been added into SAML v2.0 comparing to v1.0. However, confusions also arose with the additional contents in v2.0:

1.	The element <Statement> has been re-arranged inside section 2.6 Advice on page 24. It is understandable logically that the <Statement> could be just advice to the requester, but it seems clashes with the purpose of SAML, whose main responsibility is to issue assertions, while these assertions mainly should be constructed from &#8220;Statements&#8221;, apart from errors. Also, the <Statement> element is not explicitly defined to be within the <Advice> element. If this is not a MUST, the point of moving 2.6.2 Statements inside 2.6 Advice seems to be weakened.
2.	If I understood this right, RequestAbstractType is of Request messages, while StatusResponseType is the base type for Response, they should be have equal right conceptually. However, in section 3 SAML Protocols, sub-section Complex Type StatusResponseType becomes a sub-section of 3.2.1 Complex Type RequestAbstractType, does it indicate something that I missed?
3.	the <Request> element is only mentioned once in section 3.2.1, v2.0 within a &#8220;Note&#8221;, also in &#8220;Binding for the OASIS Security Assertion Markup Language (SAML) V2.0&#8221; p12, section Example, the <Request> element has been replaced by <&#8230;AttributeQuery&#8230;>, if it is the intension of v2.0 to get rid of <Request> as defined in v1.0, wouldn&#8217;t it be better to explicitly address this in section 3.2.1? 

Above all are some questions during my reading of SAML v2.0, even if in the final specifications they remain unchanged, I still like to have some explanations to clear my understanding of SAML v2.0, since it is a very important spec to our implementation for one of the Grid projects.

Best Regards,

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]