OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Errors in Authentication Context Schemas

I think 2) and 3) are simple editorial. There may be something more involved with 1)
1) Core AC schema defines RestrictedPasswordType with a minInclusive length for the password of 3 characters.
<xs:complexType name="RestrictedLengthType">
      <xs:restriction base="LengthType">
        <xs:attribute name="min" use="required">
            <xs:restriction base="xs:integer">
              <xs:minInclusive value="3"/>
        <xs:attribute name="max" type="xs:integer" use="optional"/>

Not clear to me why Core should define a specific requirement of a minimum password length. Putting such a restriction into Core rather than a particular class would prevent anybody from defining a new class with a minimum length of 2 characters? 
2) The class schemas all? still have the <AuthenticatingAuthority> element. It was removed from the Core schema and elevated to a child of <AuthnStatement>
Propose removing <AuthenticatingAuthority> from the class schemas.
3) The Core AC schema defines AuthnContextDeclarationBaseType with an <AuthenticationMethod>, the classes use <AuthnMethod>
Propose renaming <AuthnMethod> in class schemas to <AuthenticationMethod>
Paul Madsen
e:  p.madsen@entrust.com
p:  613-270-2632
c:  613-799-2632

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]