security-services message



Subject: [Fwd: Re: [security-services] Proposed DoNotCache Condition - with schema change]


Re-forwarding at the TC's request.

-------- Original Message --------
Subject: Re: [security-services] Proposed DoNotCache Condition - with 
schema change
Date: Tue, 07 Jan 2003 10:44:13 -0500
From: Eve L. Maler <eve.maler@sun.com>
To: 'security-services@lists.oasis-open.org' 
<security-services@lists.oasis-open.org>
References: <899128A30EEDD1118FC900A0C9C74A3401034330@bigbird.gradient.com>

I had an informal action (associated with AI-25) to check on the XML
viability of the schema snippet below.  I think it's fine as far as it
goes in defining a DoNotCacheCondition element, but there are a couple
of things that also need to be done:

- The DoNotCacheCondition element needs to be mentioned in the content
model of ConditionsType.  A line should be inserted after <element
ref="saml:AudienceRestrictionCondition"/> that says <element
ref="saml:DoNotCacheCondition"/>.

- The DoNotCacheCondition element is bound to the plain
ConditionAbstractType, but this is a type that needs to be extended to
be used concretely in an instance.  So I think a DoNotCacheConditionType
needs to be created that trivially extends the abstract type, in much
the same way as AudienceRestrictionConditionType was defined.  It would
look like this (notice that the element declaration had to change too):

<element name="DoNotCacheCondition" type="saml:DoNotCacheConditionType" />
<complexType name="DoNotCacheConditionType">
    <complexContent>
      <extension base="saml:ConditionAbstractType"/>
    </complexContent>
</complexType>

So if we're happy with the semantics of DoNotCacheCondition (it seemed
to require some additional discussion last time it came up), I think the
structural suggestions above would do the trick.

	Eve

Hal Lockhart wrote:
> Having received little input on the XML specifics of this, I decided 
> simplest is best. Here are the changes:
> 
> Add the following text after line 438 of the core spec.
> 
> ----
> 
> <DoNotCacheCondition> [Optional]
> 
> Indicates that the assertion SHOULD be used immediately and MUST not be 
> retained for future use. Note: no implementation is required to perform 
> caching, however any that do so MUST observe this Condition.
> 
> ----
> 
> immediately following "<element name="Audience" type="anyURI" />" insert:
> 
> ----
> 
> <element name="DoNotCacheCondition" type="saml:ConditionAbstractType" />
> 
> ----
> 
> Hal
> 

-- 
Eve Maler                                        +1 781 442 3190
Sun Microsystems                            cell +1 781 354 9441
Web Technologies and Standards               eve.maler @ sun.com




-- 
Eve Maler                                        +1 781 442 3190
Sun Microsystems                            cell +1 781 354 9441
Web Technologies and Standards               eve.maler @ sun.com
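
An added illustration, not part of the thread or of the SAML specification: a relying-party cache that honors the condition as Hal's proposed text words it, refusing to retain any assertion whose Conditions element carries DoNotCacheCondition. The `AssertionCache` class, the `sample` helper and the sample values are hypothetical, and the `saml:` prefix is assumed to bind to the SAML 1.0 assertion namespace.

```python
import xml.etree.ElementTree as ET

# Assumption: the thread's "saml:" prefix binds to the SAML 1.0 assertion namespace.
SAML_NS = "urn:oasis:names:tc:SAML:1.0:assertion"
NS = {"saml": SAML_NS}

def may_cache(assertion_xml: str) -> bool:
    """False when Conditions contains DoNotCacheCondition; ValueError if not an Assertion."""
    root = ET.fromstring(assertion_xml)
    if root.tag != f"{{{SAML_NS}}}Assertion":
        raise ValueError("not a SAML assertion")  # fail closed on unexpected input
    conditions = root.find("saml:Conditions", NS)
    if conditions is None:
        return True  # no conditions at all, so nothing forbids retention
    return conditions.find("saml:DoNotCacheCondition", NS) is None

class AssertionCache:
    """Hypothetical relying-party cache keyed by AssertionID."""

    def __init__(self):
        self._store = {}

    def offer(self, assertion_xml: str) -> bool:
        """Retain the assertion only when permitted; return whether it was stored."""
        if not may_cache(assertion_xml):
            return False  # use once, never retain
        assertion_id = ET.fromstring(assertion_xml).get("AssertionID")
        if assertion_id is None:
            return False
        self._store[assertion_id] = assertion_xml
        return True

    def get(self, assertion_id: str):
        return self._store.get(assertion_id)

def sample(assertion_id: str, do_not_cache: bool) -> str:
    """Constructed assertion; the new element follows AudienceRestrictionCondition."""
    marker = "<saml:DoNotCacheCondition/>" if do_not_cache else ""
    return (
        f'<saml:Assertion xmlns:saml="{SAML_NS}" MajorVersion="1" MinorVersion="0" '
        f'AssertionID="{assertion_id}" Issuer="idp.example" '
        'IssueInstant="2003-01-07T15:44:13Z"><saml:Conditions>'
        "<saml:AudienceRestrictionCondition><saml:Audience>https://sp.example/"
        f"</saml:Audience></saml:AudienceRestrictionCondition>{marker}"
        "</saml:Conditions></saml:Assertion>"
    )

if __name__ == "__main__":
    cache = AssertionCache()
    for aid, flag in (("a1", False), ("a2", True)):
        print(aid, "cached" if cache.offer(sample(aid, flag)) else "not cached")
```

In a real relying party this check runs after signature and validity-window verification, which the example omits.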


