OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services-comment message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Public Comment

Comment from: farrukh.najmi@sun.com

This comment is in regards to the thread:


I have run into the same issue as the original poster. I do not think it is a deficiency of the tools involved. Here is why...

When a normative XML Schema imports another XML Schema it needs to be very specific about the version of schema that is being imported.

Currently SAML 2.0 schemas reference the following :

[1] http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd

Above URL is to the latest XMLDSIG schema and may point to a newer version in the future.

The schema located at:

[2] http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd

is identical to the first URL but it is at a stable version specific URL.

IMHO, SAML 2.0 schemas should reference [2] and not [1] because [1] is an unstable URL whose resource will change over time.

Please let me know if I am mistaken in my assumptions. Thanks.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]