OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Subject: [security-services] Why use name-value pairs for modeling attributes?


Title: Credentials collection proposal
Sometime ago (Aug 26), Joseph Reagle had asked me the question (the text is mine):
 
----- Why do SAML attribute statements include an AttributeType which models the           
---- relationship between an namespace-qualified attribute name and XML value as a triple?
---- Why not express this information as an XML fragment? The latter is the more standard ------ treatment anyway.
 
 
In other words, instead of:
 
<Attribute>
  <AttributeDesignator AttributeNamespace="http://www.finance.org/V1" AttributeName="CreditRating"/>
  <AttributeValue>Good</AttributeValue>
</Attribute>
 
use:
 
http://www.finance.org/V1:CreditRatingGood</CreditRating>  
 
I recall considerable discussion around this topic around F2F#3 (BTW, are the minutes still available someplace in the Oasis web site?). My recollection is that we chose this treatment primarily to unify the syntax of attributes and attribute queries. This was based on a consensus to avoid use of a general XML query language.
 
The corresponding attribute query has the form:
 
<AttributeQuery>
   <AttributeDesignator AttributeNamespace="http://www.finance.org/V1" AttributeName="Credit"/>
</AttributeQuery>
  
which has fairly obvious syntax and semantics.
 
Maybe other SAML-ers other aspects of this discussion. Retrieving the minutes would also be helpful.
 
- prateek mishra
 


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Powered by eList eXpress LLC