security-services message

Subject: RE: [security-services] Thoughts wrt draft-sstc-saml-issues-status-01

> I added prose in core 1.3.2, and also added a definition of 
> "XML namespace" to the glossary, to try to explain away the "SAML
> namespace" vs. "XML namespace" distinction, but it's pretty awkward
> and confusing.

I just re-read 1.3.2 to refresh my memory. I have this urge to say
something like "if an XML namespace falls in the forest, does it make a
sound?". The following may sound weird, but bear with me for a sec...

I asked Irving last Friday when a URI reference "becomes" an XML
namespace identifier (his answer being when it's used as one in an XML
instance). I'm not sure I totally agree, in the sense that I feel like a
namespace can have an identity apart from its first use in XML.

Schema didn't exist when namespaces were proposed, so it's fair to say
that you don't need a schema, or by extension specific elements and
attributes before you can say "I have a namespace here". IOW, the
namespace comes before the names it contains.

By this thinking, first you say "here's a URI for this namespace of
mine" and *then* you stick it into XML for the first time.

What I'm trying to say is that since AttributeNamespace is a URI
reference meant to qualify SAML attribute names, it feels an awful lot
like an XML namespace to me, whether it ever shows up in an xmlns
attribute or not. So maybe it really is a distinction not worth calling
out, since it basically has the same kind of semantics to it.

> AttributeNameQualifier isn't too bad, but ActionValueQualifier doesn't
> work quite as well.  AttributeNameSet and ActionValueSet?

From a consistency standpoint, it would just be ActionQualifier, which
sounds a little better to me than ActionValueQualifier, but I don't have
a strong opinion on it.

After having a chance to work it through a little, I guess I'm less
bothered by the name than I was last week. It may be that trying to make
it clear that it's not processed as a namespace by the XML parser by
changing the name to something unusual is just going to confuse people.

-- Scott

