OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Assertion level Subject

I hate to break up the ongoing parlay about the LA specs with real work, but.....

The current SAML spec, as I understand it, has a subject contained within each statement, allowing for different subjects in different statements.  While I have no problems with allowing for this,  I do have a problem with requiring this, especially when, at least in our case, all statements within an assertion will have the same subject.  In fact, in every example that I have seen generated by others, the subjects have been the same as well, so it isn't just me.

My issues with this are:
Note that I am NOT objecting to the possiblity for there being different subjects.  I'm sure there are reasonable use cases where that will come to be.  I am just saying  that we should efficiently handle what I see as a common use case.

So, I would like propose that we add an Assertion level <Subject> that applies all statements without a statement level <Subject>.

Barring such a solution, my next suggestion would be to add a Subject reference mechanism so that a statement could refer to the <Subject> in another statement (but this feels like a kludge to me).


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]