OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: ISSUE: Problem with AuthenticationQuery use of AuthenticationMethod

Hi folks,


This was just pointed out to me by a developer.  It's a problem that's been in core schema and document since 1.0.


Specifically, V1.1 core draft 10, lines 1114-1118 describing AuthenticationQuery states:


This element is of type AuthenticationQueryType, which extends SubjectQueryAbstractType with the addition of the following element:

<AuthenticationMethod> [Optional]

A filter for possible responses. If it is present, the query made is "What assertions containing authentication statements do you have for this subject with the supplied authentication method?"


Lines 1123-1125 state:

·         If the <AuthenticationMethod> element is present in the query, at least one <AuthenticationMethod> element in the set of returned assertions MUST match. It is OPTIONAL for the complete set of all such matching assertions to be returned in the response.



The problem is that the schema for AuthenticationQueryType defines "AuthenticationQuery" as an XML attribute of type anyURI.  It is NOT defined as an element. I assume this means that there can only be a single method specified on the query; I have assumed this was not the intent of its usage.


So we need to decide whether we want to adopt the schema as the accepted definition and then update the text, or modify the schema and change AuthenticationMethod to an XML element.


Rob Philpott
RSA Security Inc.
The Most Trusted Name in e-Security
Tel: 781-515-7115
Mobile: 617-510-0893
Fax: 781-515-7020


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]