[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Slightly revised proposals to core/bindin gs
Scott, I am unable to access the URL in your message. Could you please check the link? Within the next week I will start organizing a SAML 1.1 working documents repository at the OASIS SSTC. - prateek >>-----Original Message----- >>From: Scott Cantor [mailto:cantor.2@osu.edu] >>Sent: Friday, February 28, 2003 1:58 PM >>To: 'SAML' >>Subject: [security-services] Slightly revised proposals to >>core/bindings >> >> >>I'm not going to clutter up the list with another meg of >>files, but please find an update to the core and binding >>extensions for new >>SSO profiles in Word form here: >> >>http://usfs2.us.ohio-state.edu/SAML/ >> >>The change that I made is something I'm coming to feel fairly >>strongly about in light of the complexities I'm seeing in Liberty >>regarding changes to their SAML extensions. What I did was >>reformulate the original proposal, an extension to >>samlp:Request, as an >>extension to samlp:Query within an unchanged samlp:Request. >> >>I have come to believe that just as Assertions extend by >>defining new statement types, profiles that use requests >>should extend by >>defining new Query types. We can quibble about whether a >>request for SSO is a proper query, or what the name of it >>should be, but >>the control over versioning the semantics of the query are >>much cleaner this way. >> >>As a simple example of why, our model for indicating >>expectations on the part of requesters and responders is the >>RespondWith and >>AuthorityKind elements, and both of them deal with query and >>statement types as QNames. While they may not be applicable >>in the case >>of this interaction, which is not the usual query to an >>authority interaction, the consistency of the approach is the point. >> >>-- Scott >> >> >>---------------------------------------------------------------- >>To subscribe or unsubscribe from this elist use the subscription >>manager: <http://lists.oasis-open.org/ob/adm.pl> >> ---------------------------------------------------------------- To subscribe or unsubscribe from this elist use the subscription manager: <http://lists.oasis-open.org/ob/adm.pl>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]