[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: wrt: DS-4-02: XML Terminology
The text of this issue from draft-sstc-saml-issues-06.. ISSUE:[DS-4-02: XML Terminology] Which XML terms should we be using in SAML? Possibilities include: message, document, package. Status: Open I think this issue is presently largely moot. As I recall, it arose in the context of the use case work wherein some folks were using terms such as "authentication document" to name objects that we now describe as "authentication assertions". In looking at core-15 and bindings-model-05, I note that those docs already eschew using the "document" and "xml document" terms to describe (what I'd call) "SAML objects". I jotted down some recommendations in case anyone wishes to discuss/refine them (rat-hole warning). I recommend we close DS-4-02. JeffH ----- Recommendations on terminology wrt SAML objects SAML is specified in terms of XML. The data objects comprising SAML ("SAML objects" for short) are thus expressed in an XML-based syntax as defined by the SAML schema, itself expressed according to the XML schema syntax. Those SAML objects defined in terms of "XML elements" are formally "XML documents" when considered *in the context of XML itself*. See.. http://www.w3.org/TR/2000/REC-xml-20001006 ..for the definition of "XML document". However, when considering SAML objects *in the SAML context*, we SHOULD use terms (and combinations thereof, along with other terms not explicitly on this list) such as: "assertion", "request", "response", "message", "query", "element". We SHOULD NOT use the term "document" to describe SAML objects in the SAML context. Some obvious examples.. request message response message authentication assertion SAML assertions foo element, e.g. <Subject> element A longer prose example.. The SAML protocol is comprised of request and response messages. SAML requests are comprised of authentication, authorization, and attribute queries. A SAML response message is returned as a result of a query. SAML responses convey SAML authentication assertions, authorization decision assertions, and attribute assertions. SAML assertions may be combined with other non-SAML objects in various fashions. Examples of some such objects are otherwise-arbitrary, non-SAML XML documents (thus including various non-SAML, XML-based protocol elements, e.g. SOAP, ebXML), MIME messages, and so on. --- end
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC