OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [security-services] Groups -sstc-saml-MetadataDiscoveryProtocols-2.0-draft-00.pdf uploaded


> So how does one parse this, how do I know the schema for the 
> metadata returned ? How do I get the schemas for the data returned ?

The specification has the schema in it. This isn't arbitrary data (modulo
extensions).

> Yes, caught the fever and took an aspirin and its now gone. 
> You seem to be missing the point, you seem to have to talk to 
> the end point service to get the metadata but you may not be 
> able to, so there is a boot strap issue.

You've lost me, I'm afraid. There's nothing "magic" here, you issue an HTTP
GET for an XML document containing the metadata. You get back text/xml
containing the signed XML instance. Unless the URL is not an HTTP URL, in
which case it's scheme-specific. The spec I believe mandates support on the
relying party end for HTTP/S, but obviously many others are possible (ftp,
gopher, beep, yadda yadda).

I see no "end point service" or any bootstrap considerations. The metadata
bootstraps the other profiles (i.e. For a given provider, where do I send
SSO requests?).

-- Scott



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]