OASIS Mailing List Archives

security-services message


Subject: Re: wrt: DS-4-02: XML Terminology

Your guidelines and sample prose look great to me.  The Bindings work has 
been very careful about usage already, and that's where this problem would 
have resided.  Avoiding "document" (in the XML sense) is good because SAML 
is likely to be mixed in with other elements in various fashions and this 
would beg the whole question of the binding and/or profile being used in 
any one case.  I say we should close the issue.


At 06:01 PM 9/24/01 -0700, Jeff Hodges wrote:
>The text of this issue from draft-sstc-saml-issues-06..
>ISSUE:[DS-4-02: XML Terminology]
>Which XML terms should we be using in SAML? Possibilities include: message,
>document, package.
>Status: Open
>I think this issue is presently largely moot. As I recall, it arose in the
>context of the use case work wherein some folks were using terms such as
>"authentication document" to name objects that we now describe as
>"authentication assertions".
>In looking at core-15 and bindings-model-05, I note that those docs already
>eschew using the "document" and "xml document" terms to describe (what I'd 
>"SAML objects".
>I jotted down some recommendations in case anyone wishes to discuss/refine 
>(rat-hole warning).
>I recommend we close DS-4-02.
>Recommendations on terminology wrt SAML objects
>SAML is specified in terms of XML. The data objects comprising SAML ("SAML
>objects" for short) are thus expressed in an XML-based syntax as defined by the
>SAML schema, itself expressed according to the XML schema syntax. Those SAML
>objects defined in terms of "XML elements" are formally "XML documents" when
>considered *in the context of XML itself*. See..
>   http://www.w3.org/TR/2000/REC-xml-20001006
>..for the definition of "XML document".
>However, when considering SAML objects *in the SAML context*, we SHOULD use
>terms (and combinations thereof, along with other terms not explicitly on this
>list) such as: "assertion", "request", "response", "message", "query",
>"element". We SHOULD NOT use the term "document" to describe SAML objects in the
>SAML context. Some obvious examples..
>   request message
>   response message
>   authentication assertion
>   SAML assertions
>   foo element, e.g. <Subject> element
>A longer prose example..
>   The SAML protocol is comprised of request and response messages. SAML
>   requests are comprised of authentication, authorization, and attribute
>   queries. A SAML response message is returned as a result of a query. SAML
>   responses convey SAML authentication assertions, authorization decision
>   assertions, and attribute assertions.
>   SAML assertions may be combined with other non-SAML objects in various
>   fashions. Examples of some such objects are otherwise-arbitrary, non-SAML
>   XML documents (thus including various non-SAML, XML-based protocol elements,
>   e.g. SOAP, ebXML), MIME messages, and so on.

Eve Maler                                    +1 781 442 3190
Sun Microsystems XML Technology Center   eve.maler @ sun.com
