security-services-comment message

Subject: comments: draft-saml1x-metadata-01


Document: draft-saml1x-metadata-01

[lines 76--78] Replace "include <md:IDPSSODescriptor>,
<md:SPSSODescriptor>, <md:AttributeAuthorityDescriptor>,
<md:AttributeConsumerDescriptor>, and <md:PDPDescriptor>" with "are
listed in section 2.2".

[line 88, 146] Insert a comma before "respectively".

[line 95] Replace "It's" with "Its".

[line 96] The string "issuer" is typeset in the wrong font.

[line 96] Replace "the issuer string" with "the value of the Issuer attribute".

[line 97] Replace "Assertions" with "assertions" (roman font).

[line 98] The string "Audience" is typeset in the wrong font.

[line 98] Replace "the Audience string" with "the value of the
<saml:Audience> element".

[line 98] Replace "Assertions" with "assertions" (roman font).

[lines 98--99] Replace "an AudienceRestrictionCondition" with "a
<saml:AudienceRestrictionCondition> element".

[line 110, 140, 150, 160] Replace "at least" with "exactly" since the
two URIs are mutually exclusive.

[line 114, 115] Replace "Hash" with "hash".

[line 114] The string "entityID" is typeset in the wrong font.

[line 114, 115, 116] The string "SourceID" is typeset in the wrong
font.  (What font SHOULD be used?)

[line 115] The string "entityID" is typeset in the wrong font.

[line 116] Hyphenate "hex-encoded".  What is meant by "hex-encoded" in
this context?

[line 117] The string "Extensions" is typeset in the wrong font.

[line 117] Replace "Extensions" with "<md:Extensions>".

[line 117] Delete "their".

[line 128] Indent this line of code.

[line 133, 135] The string "Binding" is typeset in the wrong font.

[line 133] Replace "any Binding URIs for use with" with "a value for
the Binding attribute of".

[line 139] Delete "service".

[line 143] Replace "<Attribute>" with "<md:Attribute>".

[line 145] Replace "attributes" with "attributes of the <md:Attribute> element".

[line 146, 166] Replace "attributes" with "attributes of the
<saml:Attribute> element".

[line 154, 155] The URI on this line is typeset in the wrong font.

[line 155] URI "urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" is
deprecated.  Use "urn:oasis:names:tc:SAML:1.0:profiles:artifact"
instead.

[line 159] Replace "utilizes SAML attributes" with "requests
attributes from an Attribute Authority".

[line 160] The string "The" is typeset in the wrong font.

[line 163] Replace "<Attribute>" with "<md:RequestedAttribute>".

[line 163] Replace "in this element" with "in a
<md:AttributeConsumingService> element in this element".

[line 165] Replace "attributes" with "attributes of the
<md:RequestedAttribute> element".


General comments and suggestions:

- The use of fixed-width fonts is inconsistent.  For example, the font
used on line 116 to typeset "<saml1md:SourceId>" is different than the
font used to typeset "<md:IDPSSODescriptor>" on the next line. 
Similar problems occur throughout the document.

- All XML elements in the text should be fully qualified.

- The prefix "saml1md" is not a good choice since a lowercase ell and
the digit 1 side by side leads to confusion.

- In lines 113--118, the string "SourceID" is used to refer to two
different items, which is confusing.

- Section 2.6 must be rewritten since the
<md:AttributeConsumerDescriptor> element has been removed from the
specification (or so I've heard).

- The following statements apply to the <md:IDPSSODescriptor> element:
 + The WantAuthnRequestsSigned attribute is not supported.
 + One or more <md:ArtifactResolutionService> elements are required.
 + The following elements are not supported:
   <md:SingleLogoutService>
   <md:ManageNameIDService>
   <md:SingleSignOnService>
   <md:NameIDMappingService>
   <md:AssertionIDRequestService>
   <md:AttributeProfile>

- The following statements apply to the <md:SPSSODescriptor> element:
 + The AuthnRequestsSigned attribute is not supported.
 + The following elements are not supported:
   <md:ArtifactResolutionService>
   <md:SingleLogoutService>
   <md:ManageNameIDService>

- The following statement applies to the
<md:AttributeAuthorityDescriptor> element:
 + The following elements are not supported:
   <md:AssertionIDRequestService>
   <md:AttributeProfile>

- The following statement applies to the <md:PDPDescriptor> element:
 + The following element is not supported:
   <md:AssertionIDRequestService>
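
The role-descriptor constraints listed at the end of the message above can be checked mechanically. The following lint is an added example, not part of the original message or of the draft; it assumes every role descriptor in the input is meant for SAML 1.x, and the sample metadata, its entityID, locations and binding values are constructed placeholders.

```python
import xml.etree.ElementTree as ET  # embedded sample only; use a hardened parser for untrusted XML

MD = "urn:oasis:names:tc:SAML:2.0:metadata"  # namespace bound to the md: prefix
AIDRS = "AssertionIDRequestService"

# Constraints as proposed in the message (assumption: not checked against the final profile).
RULES = {
    "IDPSSODescriptor": {
        "bad_attrs": {"WantAuthnRequestsSigned"},
        "required": {"ArtifactResolutionService"},
        "bad_elems": {"SingleLogoutService", "ManageNameIDService", "SingleSignOnService",
                      "NameIDMappingService", AIDRS, "AttributeProfile"}},
    "SPSSODescriptor": {
        "bad_attrs": {"AuthnRequestsSigned"}, "required": set(),
        "bad_elems": {"ArtifactResolutionService", "SingleLogoutService", "ManageNameIDService"}},
    "AttributeAuthorityDescriptor": {
        "bad_attrs": set(), "required": set(), "bad_elems": {AIDRS, "AttributeProfile"}},
    "PDPDescriptor": {"bad_attrs": set(), "required": set(), "bad_elems": {AIDRS}},
}

def split(tag):
    """Split ElementTree's '{namespace}local' tag into (namespace, local)."""
    ns, _, local = tag[1:].partition("}") if tag.startswith("{") else ("", "", tag)
    return ns, local

def lint(xml_text):
    """Return (role, problem, name) tuples for every violated constraint."""
    findings = []
    for role in ET.fromstring(xml_text).iter():
        ns, name = split(role.tag)
        rule = RULES.get(name) if ns == MD else None
        if rule is None:
            continue
        children = {loc for cns, loc in (split(c.tag) for c in role) if cns == MD}
        findings += [(name, "unsupported attribute", a) for a in sorted(rule["bad_attrs"] & set(role.attrib))]
        findings += [(name, "unsupported element", e) for e in sorted(rule["bad_elems"] & children)]
        findings += [(name, "missing required element", e) for e in sorted(rule["required"] - children)]
    return findings

# Constructed sample: entityID, locations and bindings are placeholders.
SAMPLE = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://idp.example.org/constructed">
  <md:IDPSSODescriptor WantAuthnRequestsSigned="true">
    <md:SingleSignOnService Binding="urn:example:binding" Location="https://idp.example.org/sso"/>
  </md:IDPSSODescriptor>
  <md:SPSSODescriptor>
    <md:ArtifactResolutionService Binding="urn:example:binding" Location="https://sp.example.org/ars"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""
```

The sample shows the asymmetry in the proposed rules: `<md:ArtifactResolutionService>` is reported as missing on the IdP role and as unsupported on the SP role.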