OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [security-services] New Issue: AssertionID/ WSS Direct referencecompatability

> I think this is a case where revisiting this issue in a couple of months,
> will likely prevent SAML and the STP from defining short-lived
> accomodations just as the path to a more permanent solution becomes
> evident and available.

The problem is the strictness of XML is such that we're kind of stuck. We
can't do what we want yet, and if we decide to continue defining our own ID,
we can't change it later without making an incompatible change. It becomes a
SAML 3.0 step to move to xml:id.

The real complaint I have is that this is self-inflicted. The proper way to
locate an element based on an ID is not by relying on the name of the
attribute. That's a serious mistake in XML processing. There are ways now to
establish ID-ness without relying on validation, so whatever argument was
made as to why this was needed is a mystery to me.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]