OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: RE: [security-services] Thoughts wrt draft-sstc-saml-issues-status-01

> I followed up because I think it's really critical that 
> anyone that doesn't understand the purpose of XML namespaces 
> doesn't get confused and think that it's appropriate to place 
> a "domain identifier" of some sort in the AttributeNamespace 
> slot. That slot is to identify the XML namespace in which the 
> attribute's Name has been placed. For example, as Stephen 
> Farrell has been arguing, there may well be a namespace 
> defined for inetOrgPerson attributes.

I'm following my follow up to head off any confusion and clarify that
it's not mandated by SAML that the AttributeNamespace be an XML
namespace. I keep thinking it is, and I think it often will be, but
Irving pointed out the misunderstandings surrounding this on the focus

But I think it's definitely closer to being an XML namespace than what
we're thinking of as "attribute scope" in Shibboleth, so the basic point
is still valid.

Maybe (don't shoot me) it would be better to call it something other
than AttributeNamespace? I think if you call something a namespace in
the middle of an XML document, the confusion is fairly understandable.
Then again, maybe it's a distinction without a difference, I don't know.
The term AttributeNameQualifier came to mind.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC