OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: RE: Proposed Changes to Core-12 (with renaming)


>This is an open issue from the f2f#3 meeting
>(ISSUE:[F2F#3-37]). The general sense seemed to
>be that people wanted to be able to omit the
>namespace and that somehow there was a canonical namespace
>in which names are interpreted (SAML namespace?).
>I dont think we actually spelled this out completely.

I'm glad it's an open issue; this kind of thing is very destructive
to interoperability as not only implementations but also particular
installations will make independent and different decisions about
default namespace, which will cause things to break whenever a domain
boundary is crossed.  I think if we're going to permit cardinality zero
in this case we need to put in a pretty explicit warning that if you
are traversing a domain boundary you should NEVER use implicit namespace.

In general I'd be much more comfortable if this always had cardinality
exactly one.


Bob Blakley (email: blakley@us.tivoli.com   phone: +1 512 436 1564)
Chief Scientist, Security, Tivoli Systems, Inc.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC