OASIS Mailing List Archives

security-services message


Subject: RE: [security-services] SAML 1.x metadata profile: NameIdentifier format

> In section 2.5 the SAML1.x metadata profile restricts the 
> NameFormat and Name attributes of the Attribute elements to 
> SAML 1.x namespaces. 
> Should we do the same for SAML 1.x NameIdentifierFormats? 

I don't think it's the same thing. There are no SAML 1.x Attribute
"namespaces", nobody defined standard values for it. The point of the
profile is just that you can easily stuff the 1.x Attribute data into the
2.0 Attribute element.

As for nameid format, I don't think we have to restrict anything there. If
people want to come up with a way to use the SAML 2.0 formats in SAML 1.1,
that's up to them. We might use transient, for example, and dump the Shib
handle format.

> A small editorial note, on line 88: 
> For this reason, we define two new URI's for use in 
> identifying SAML 1.0 and 1.1: 
> urn:oasis:names:tc:SAML:1.0:protocol 
> urn:oasis:names:tc:SAML:1.1:protocol 

I noted it, thanks.

-- Scott
