OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Credentials Collector proposal for SAML 2.0

Is there more information on the SAML domain model described in Figure 1 in 
the SAML 1.0 core specification (Assertions and Protocol for the Oasis Security
Assertion Markup Language) than in the core SAML draft?

The reason I ask is that I believe the RequestAuthenticationAssertion request is intended
to retrieve existing SAML authentication assertions meeting criteria, but the specification states that
new authentication assertions should not be created.

This is distinct from creating authentication assertions based on credentials and authentication actions 
such as challenges and responses as outlined in the credential collector proposal. Thus, am I correct that none of the types of messages (Type 1,2,3) in the proposal are yet defined?

I'm trying to understand in concrete terms what the current SAML standard authentication authority formats and
protocols are, to better understand why we need a translator. Is it correct that generic formats and protocols
for requesting assertion creation are undefined in SAML? (creation of assertions is implicit in the bindings/profile but this is different)

regards, Frederick
Frederick Hirsch
Nokia Mobile Phones

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]