But I think defining
separate metadata for SSO and other metadata for other SAML usage is the wrong
approach. At least at this point, I think we should have one set of
standard metadata for SAML. But of course I'm willing to listen to
counter-arguments. So if there is only one set of metadata, then the
terms will end up getting used outside the scope of SSO. Thus my example
- when defining an authority's SOAP Binding Service URL it is in the "source
site's" metadata. But if I'm just an attribute authority and not supporting
Web SSO, the term "source site" doesn't mean anything to me. So where do I
define the SOAP Binding Service URL?
<Prateek>
Rob,
this is quite a different issue altogether and one we should discuss further.
One way to approach is to define some kind of
"generic"
notion of meta-data (completely free of binding and profile information). The
challenge here is characterizing
this concept of generic meta-data.
The generic meta-data would then be specialized by metadata for
individual profiles or bindings, which would
add
meta-data specific to those profiles or bindings.
</Prateek>
Any
clearer?
<Prateek>
Absolutely !
</Prateek>
Perhaps what we need
to do is come up with a clear set of goals and non-goals to guide the metadata
work item before we go much further. I'm certainly interested in
participating in this (can you tell?).
<Prateek>
I think it is a reasonable activity. The current meta-data profile is quite
explicitly titled "Metadata for
Web Browser Profiles". The primary focus here has been characterizing the data
items that need to
be exchanged between source
and destination sites. Certainly, it is a very narrow and focussed
charter.
I guess the set of questions for the TC are:
(a) Do we need a more general meta-data specification?
(b) What is the charter of this specification?
</Prateek>