[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Authenticator to Subject Confirmation renaming
This is the new text: 1.1.1 Element <Subject> The <Subject> element specifies a party by any of the following means: * A name. * By information that allows the party to be authenticated. * By reference to another assertion or by containment of another assertion. If a <Subject> element contains more than one subject specification the issuer is asserting that all the subject specifications present specify the same subject. For example if both a <NameIdentifier> and a <Authenticator> element are present the issuer is asserting that the authentication data authenticates the party with the specified name. The following schema defines the <Subject> element: <element name="Subject" type="saml:SubjectType"/> <complexType name="SubjectType"> <choice maxOccurs="unbounded"> <element ref="saml:NameIdentifier" minOccurs="0" maxOccurs="unbounded"/> <element ref="saml:SubjectConfirmation" minOccurs="0" maxOccurs="unbounded"/> <element ref="saml:AssertionSpecifier" minOccurs="0" maxOccurs="unbounded"/> </choice> </complexType> 1.1.1.1 Element <SubjectConfirmation> The <SubjectConfirmation> element specifies a subject by specifying data that authenticates the subject. <AuthenticationMethod>[Any number] Each <Authentication> element specifies a URI that identify a protocol that may be used to authenticate the subject. <SubjectConfirmationData>[Optional] Each <SubjectConfirmationData> element specifies additional authentication information used by a specific authentication protocol. <ds:KeyInfo>[Optional] An XML Signature <ds:KeyInfo> element that specifies a cryptographic key held by the subject. URIs identifying common authentication protocols are specified in Section 4 . The following schema defines the <SubjectConfirmation> element: <element name="SubjectConfirmation" type="saml:SubjectConfirmationType"/> <complexType name="SubjectConfirmationType"> <sequence> <element ref="saml:AuthenticationMethod" maxOccurs="unbounded"/> <element name="SubjectConfirmationData" type="string" minOccurs="0"/> <element ref="ds:KeyInfo" minOccurs="0"/> </sequence> </complexType> Phillip Hallam-Baker FBCS C.Eng. Principal Scientist VeriSign Inc. pbaker@verisign.com 781 245 6996 x227 <<Phillip Hallam-Baker (E-mail).vcf>>
Phillip Hallam-Baker (E-mail).vcf
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC