security-services message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [Elist Home]
Subject: [security-services] missing Qname for AuthorityKind attribute
- From: "Mishra, Prateek" <pmishra@netegrity.com>
- To: "'security-services@lists.oasis-open.org'"<security-services@lists.oasis-open.org>
- Date: Tue, 23 Jul 2002 18:27:19 -0400
The
<saml:AuthorityBinding> element (2.4.3.2) provides a means of describing
the location, binding type and functionality of an authority. The AuthorityKind attribute is
used to describe the functionality of an authority and must be a Qname derived
from the SAML Protocol Query element (Section 3.3).
This excludes the case
wherein a <samlp:Request> contains <AssertionIDReference> or
<AssertionArtifact> elements but no query element. The "gap" here is the
lack of a QName to describe this form of "simple-minded"
query.
In updating the WS-Security
profile to allow for <AssertionIDReference> elements, there is a need
also to describe how and where the corresponding assertion is to be
retrieved. <saml:AuthorityBinding> is tantalizingly close to what is
needed. But as described it cannot express the required
functionality.
Have I strayed into SAML
1.1 here?
-
prateek
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [Elist Home]
Powered by eList eXpress LLC