OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Subject: RE: lookup by artifact


Sounds good to me. As it stands, the element has
type string, so we have no issue there. 

Phil, I would then propose
that the element be called "Artifact" as opposed
to assertion handle. If all of this is too confusing
I can re-send my original request with names
fixed.

- prateek 

-----Original Message-----
From: Charles Knouse
To: security-services@lists.oasis-open.org
Sent: 8/30/01 7:51 PM
Subject: Re: lookup by artifact

I would like to suggest that the lookup send the entire artifact, not
just the
assertion handle. This allows the lookup to be used for for future
artifact
implementations as well as the specifed 0x0001 artifact. Since the
artifact
contains the type code, the SAML processor servicing the lookup can
determine
how to handle the artifact or reject it (which shouldn't happen with a
legitimate artifact that was created by the same site). I  also suggest
that
the artifact element be of type string with no explicit size limits, to
allow
future artifacts of different sizes.

Regards,
Charles

"Mishra, Prateek" wrote:

> Hi Phil,
>
> Following the white board discussion at
> F2F#4, please add the following new element to
> <samlp:RequestType>.
>
> Proposed Changes:
> ++++++++++++++++++++++++++++++++++++++++++
>
> <element name "AssertionHandle" type="string">
>
> with <samlp:RequestType> modified to read:
>
> <complexType name="RequestType">
>                 <complexContent>
>                         <extension base="samlp:RequestAbstractType">
>                                 <choice>
>                                         <element name="Query"
> type="samlp:QueryAbstractType"/>
>                                         <element
ref="saml:AssertionID"
> maxOccurs="unbounded"/>
>                          <element ref="AssertionHandle"
> maxOccurs="unbounded" />
>                                 </choice>
>                         </extension>
>                 </complexContent>
> </complexType>
>
> The following changes to text in 2.2.2 for core-16 are also proposed:
>
> The <Request> element specifies a SAML request. This may contain
either a
> query, a request for one or more assertions identified by their
> AssertionIDs, or a request for one or more
> assertions identified by their AssertionHandles. AssertionHandle is an
> opaque value which is interpreted and de-referenced only by the entity
that
> created the AssertionHandle.
>
> - prateek
>
> ----------------------------------------------------------------
> To subscribe or unsubscribe from this elist use the subscription
> manager: <http://lists.oasis-open.org/ob/adm.pl>
 <<Card for Charles Knouse>> 


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Powered by eList eXpress LLC