[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: [security-services] AttributeDesignator as used in assertion andprotocol schemas
My bad; never mind. It's actually done correctly in the schema, with AttributeDesignator in the query and Attribute in the statement. I think the spec wording got out of sync with the schema and I got confused. Eve At 10:46 AM 11/28/01 -0500, Eve L. Maler wrote: >(I'm looking at the core-19 schemas that are on the SSTC page.) > >Is it intended that when AttributeDesignator from the saml: namespace is >reused in the protocol schema (for an AttributeQuery), you're supposed to >supply the AttributeValue? I would think that in an assertion you do want >to spell out an attribute value, but in a query you just want to ask for >the attribute of the specified name, without parameterizing it by the value. > >E.g., if I want to know the PaidStatus of a subscriber to a service, I >would just say "Please give me the value of the PaidStatus attribute" -- I >wouldn't say "Please give me the PaidStatus=PaidUp attribute". Right?? > >If we want to change this, we would need to have something like a base >AttributeDesignatorType (and an AttributeDesignator element) in saml: that >just has AttributeName and AttributeNamespace (currently XML >attributes). Then we should extend it in samlp: to get an >AttributeValueType (and an AttributeValue element) that adds an element >called AttributeValue. > > Eve -- Eve Maler +1 781 442 3190 Sun Microsystems XML Technology Center eve.maler @ sun.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC