OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: RE: [security-services] RE: Comments on XML signature guidelines draft

>>is the addition of an "ID" attribute to SAML 1.1 worth considering?

I am also not that big-shot in XML, but what do you think about this fragment of the XML document from http://www.w3.org/TR/2000/WD-xml-2e-20000814 :

Section 3.3.1 (Attribute types):

  AttType    ::=     StringType | TokenizedType | EnumeratedType  

  TokenizedType    ::=     'ID' 

  Validity constraint: ID

  Values of type ID must match the Name production. 
  A name must not appear more than once in an XML document as a value of this type; i.e.,  
  ID values must uniquely identify the elements which bear them.

In my understanding, this means:

Not the attribute itself must be named "ID", but it must be of type "xsd:ID", which is a predefined type of the XML schema. 
So it would be sufficient to type "AssertionID", "RequestID" and "ResponseID" not with the self-made "IDType" in the SAML Assertion schema, but to the standard ID type from XML schema.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC