OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: [security-services] missing Qname for AuthorityKind attribute

The <saml:AuthorityBinding> element ( provides a means of describing the location, binding type and functionality of an authority. The AuthorityKind attribute is used to describe the functionality of an authority and must be a Qname derived from the SAML Protocol Query element (Section 3.3).
This excludes the case wherein a <samlp:Request> contains <AssertionIDReference> or <AssertionArtifact> elements but no query element. The "gap" here is the lack of a QName to describe this form of "simple-minded" query.
In updating the WS-Security profile to allow for <AssertionIDReference> elements, there is a need also to describe how and where the corresponding assertion is to be retrieved. <saml:AuthorityBinding> is tantalizingly close to what is needed. But as described it cannot express the required functionality.
Have I strayed into SAML 1.1 here?
- prateek

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC