security-services message


Subject: AuthenticationCode + Protocol --> AuthenticationMethod


We currently have two structures that appear to refer to the same thing:
<Protocol> and <AuthenticationCode>.

Both refer to an Authentication method (aka Protocol) of which the protocol
part at least will be identified by URI in section 4 of the draft.

If we want these identifiers to be different we need (1) an explanation of
why, (2) someone to write text to explain what is going on.

	<xsd:element name="Authenticator" type="saml:AuthenticatorType"/>
	<xsd:complexType name="AuthenticatorType">
		<xsd:sequence>
			<xsd:element name="Protocol" type="uriReference" maxOccurs="unbounded"/>
			<xsd:element name="Authorizationdata" type="string" minOccurs="0"/>
			<xsd:element ref="ds:KeyInfo" minOccurs="0"/>
		</xsd:sequence>
	</xsd:complexType>

	<xsd:complexType name="AuthenticationAssertionType">
		<xsd:complexContent>
			<xsd:extension base="saml:SubjectAssertionAbstractType">
				<xsd:sequence>
					<xsd:element ref="saml:AuthenticationCode"/>
					<xsd:element name="AuthenticationInstant" type="timeInstant"/>
					<xsd:element name="AuthenticationLocale" type="saml:AuthenticationLocaleType" minOccurs="0"/>
				</xsd:sequence>
			</xsd:extension>
		</xsd:complexContent>
	</xsd:complexType>

	<xsd:element name="AuthenticationCode" type="saml:AuthenticationCodeType"/>
	<xsd:simpleType name="AuthenticationCodeType">
		<xsd:restriction base="string"/>
	</xsd:simpleType>


I propose that we change both of these so that they point to a single
<AuthenticationMethod> element:


	<xsd:element name="Authenticator" type="saml:AuthenticatorType"/>
	<xsd:complexType name="AuthenticatorType">
		<xsd:sequence>
			<xsd:element ref="saml:AuthenticationMethod" maxOccurs="unbounded"/>
			<xsd:element name="Authorizationdata" type="string" minOccurs="0"/>
			<xsd:element ref="ds:KeyInfo" minOccurs="0"/>
		</xsd:sequence>
	</xsd:complexType>

	<xsd:complexType name="AuthenticationAssertionType">
		<xsd:complexContent>
			<xsd:extension base="saml:SubjectAssertionAbstractType">
				<xsd:sequence>
					<xsd:element ref="saml:AuthenticationMethod"/>
					<xsd:element name="AuthenticationInstant" type="timeInstant"/>
					<xsd:element name="AuthenticationLocale" type="saml:AuthenticationLocaleType" minOccurs="0"/>
				</xsd:sequence>
			</xsd:extension>
		</xsd:complexContent>
	</xsd:complexType>
	<xsd:element name="AuthenticationMethod" type="uriReference"/>

I have attached the two schemas (14a)

Phillip Hallam-Baker FBCS C.Eng.
Principal Scientist
VeriSign Inc.
pbaker@verisign.com
781 245 6996 x227


> -----Original Message-----
> From: Mishra, Prateek [mailto:pmishra@netegrity.com]
> Sent: Tuesday, August 14, 2001 1:39 PM
> To: McLaren, Christopher; 'pbaker@verisign.com';
> 'dorchard@jamcracker.com'; 'security-services@lists.oasis-open.org'
> Subject: Proposed Changes to Core-12 (with renaming)
> 
> 
> This is from the August 14, Focus Group Call
>  
> (1) Removal of <Object> element from (renamed)
> draft-sstc-schema-assertion-12 and replacement by its (literal)
> contents within <AuthorizationDecisionAssertionType> and
> <AuthorizationQueryType>.
>  
> (2) Cardinality of element <AttributeValue> within <AttributeType>
> to be changed to minOccurs=1, maxOccurs=unbounded
>  
> (3) Removal of <Attribute> element from <AttributeQueryType> and its
> replacement by a new element <AttributeName> with cardinality
> minOccurs=0, maxOccurs=unbounded.
>  
> <element name="saml:AttributeName" type="AttributeNameType"/>
> <complexType name="AttributeNameType">
>     <element ref="AttributeName"/>
>     <element ref="AttributeNamespace" minOccurs="0"/>
> </complexType>
>  
>  
> there is a need to promote to global level the following elements
>  
> <element name="AttributeName" type="string"/>
> <element name="AttributeNamespace" type="uriReference"/>
>  
> and update AttributeType to:
>  
> <complexType name="AttributeType">
> <sequence>
> <element ref="AttributeName"/>
> <element ref="AttributeNamespace"/>
> <element name="AttributeValue" type="saml:AttributeValueType" maxOccurs="unbounded"/>
> </sequence>
> </complexType>

Phillip Hallam-Baker (E-mail).vcf

draft-sstc-schema-assertion-14a.xsd

draft-sstc-schema-protocol-14a.xsd
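
The change proposed in the message above, carried out mechanically on the pre-change fragments, as an added example that is not part of the original message or the attached schemas. The XML Schema namespace URI, the wrapping root element, the helper names and the removal of the old global AuthenticationCode declarations are assumptions.

```python
import xml.etree.ElementTree as ET

# Assumption: the XML Schema namespace bound to xsd: (the message does not show it).
XSD = "http://www.w3.org/2001/XMLSchema"
ET.register_namespace("xsd", XSD)

# Constructed input: the message's pre-change fragments, trimmed and wrapped in a root.
OLD_SCHEMA = f"""<xsd:schema xmlns:xsd="{XSD}">
  <xsd:complexType name="AuthenticatorType">
    <xsd:sequence>
      <xsd:element name="Protocol" type="uriReference" maxOccurs="unbounded"/>
      <xsd:element name="Authorizationdata" type="string" minOccurs="0"/>
    </xsd:sequence>
  </xsd:complexType>
  <xsd:complexType name="AuthenticationAssertionType">
    <xsd:sequence>
      <xsd:element ref="saml:AuthenticationCode"/>
      <xsd:element name="AuthenticationInstant" type="timeInstant"/>
    </xsd:sequence>
  </xsd:complexType>
  <xsd:element name="AuthenticationCode" type="saml:AuthenticationCodeType"/>
  <xsd:simpleType name="AuthenticationCodeType">
    <xsd:restriction base="string"/>
  </xsd:simpleType>
</xsd:schema>"""

def q(tag):
    return f"{{{XSD}}}{tag}"

def unify_auth_method(schema_xml):
    """Point both structures at one global <AuthenticationMethod> (hypothetical helper)."""
    root = ET.fromstring(schema_xml)
    for ctype in root.iter(q("complexType")):
        for el in ctype.iter(q("element")):
            if el.get("name") == "Protocol" or el.get("ref") == "saml:AuthenticationCode":
                occurs = {k: v for k, v in el.attrib.items() if k.endswith("Occurs")}
                el.attrib.clear()
                el.set("ref", "saml:AuthenticationMethod")
                el.attrib.update(occurs)  # keep the original cardinality
    for child in list(root):  # assumed dropped: absent from the proposed fragment
        if child.get("name") in ("AuthenticationCode", "AuthenticationCodeType"):
            root.remove(child)
    ET.SubElement(root, q("element"), name="AuthenticationMethod", type="uriReference")
    return root

def summary(root):
    """Map each complexType to the (element, maxOccurs) pairs it contains."""
    return {c.get("name"): [(e.get("ref") or e.get("name"), e.get("maxOccurs"))
                            for e in c.iter(q("element"))]
            for c in root.iter(q("complexType"))}

if __name__ == "__main__":
    print(ET.tostring(unify_auth_method(OLD_SCHEMA), encoding="unicode"))
```

After the rewrite, the free-form string AuthenticationCode is gone and both types carry the same URI-typed identifier, so a consumer compares one kind of value in both places.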


