[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [security-services] AttributeDesignator as used in assertion andprotocol schemas
(I'm looking at the core-19 schemas that are on the SSTC page.) Is it intended that when AttributeDesignator from the saml: namespace is reused in the protocol schema (for an AttributeQuery), you're supposed to supply the AttributeValue? I would think that in an assertion you do want to spell out an attribute value, but in a query you just want to ask for the attribute of the specified name, without parameterizing it by the value. E.g., if I want to know the PaidStatus of a subscriber to a service, I would just say "Please give me the value of the PaidStatus attribute" -- I wouldn't say "Please give me the PaidStatus=PaidUp attribute". Right?? If we want to change this, we would need to have something like a base AttributeDesignatorType (and an AttributeDesignator element) in saml: that just has AttributeName and AttributeNamespace (currently XML attributes). Then we should extend it in samlp: to get an AttributeValueType (and an AttributeValue element) that adds an element called AttributeValue. Eve -- Eve Maler +1 781 442 3190 Sun Microsystems XML Technology Center eve.maler @ sun.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC