OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: RE: [security-services] Action Item A23

At 04:55 PM 12/5/01 -0400, Chris McLaren wrote:
>Well, I want the element that someone puts in their document to contain an
>assertion to be called <Assertion>. That's why I propose renaming
><MultipleAssertion> to <Assertion> once we had done away with
><SingleAssertion>.

Yep, I totally agree with this logic.  Krishna and I have been speaking in 
favor of clearing up the Single/Multiple situation for a while now.

>However, I'm not 100% clear on why the <Assertion> element, as it exists
>before anything I am proposing, is in the schema today. The best answer I
>could come up with was that it is a generic extension hook created to allow
>you to specify the inclusion of something that has an assertion header, but
>not necessarily statements... Hence the proposal to call it abstractX. If
>there is another reason for the current <Assertion> element existing it
>might suggest a better candidate for a new name.

This is my question, I guess: What's the rationale for AbstractAssertion 
(your name) to exist?  Since SAML statements that go inside assertion 
wrappers can be extended in every way, shape, and form (and don't even have 
to contain subject information), I don't see how the additional 
extensibility of offering a generic AbstractAssertion does us any good.

If whoever championed this (Phill?) can just articulate a rationale for its 
existence that's consonant with what we're trying to do, then I'll shut up...

>While I completely agree with this, it is not related to the specific action
>item I had. Write it as a separate proposal to the list and I'll agree to
>it. (Of course, if we make the <Assertion> an <AssertionPackage>, then one
>could argue that all the <XStatement> elements should then be renamed to
><XAssertion> elements...)

You've unearthed my evil plan, hah hah!
:-)
Actually, Phill first brought up the idea of this name in the June 5 
meeting, and the Maler-Orchard proposal had a structure called 
AssertionPackage (though we made them recursive because we thought somebody 
wanted that).  I've brought it up from time to time ever since.  But I 
could actually live with the current Assertion->Statement(s) situation, 
having presented a technical overview of SAML this week and found that it 
didn't cause as much confusion as I thought it would.

         Eve
--
Eve Maler                                    +1 781 442 3190
Sun Microsystems XML Technology Center   eve.maler @ sun.com

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC