[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Text for response in SAML FAQ
> That's disappointing, but I don't see any other way around it. > It means anything that uses namespaces can't be valid XML, just > well-formed. Time to go ask the W3C TAG, I guess. Unless someone here > can find a hole in my logic. Well, most of the specs predate XML Schema, and it was intended to replace DTDs (no arguments please), so it doesn't seem to make sense to treat validity as solely a DTD issue, even if the XML spec contradicts that. I don't know why everything has been left out of sync for so long. But SAML itself is also defined in terms of XSD. So there's a question of SAML "validity" quite apart from XML itself. And SAML specifically does not permit any attributes from appearing except the ones listed (no wildcard). So even if it was legal in an XML instance two have two attributes of type ID, SAML doesn't allow it. I don't think it's intended to be legal in this amalgam I'll call "XML + namespaces + XSD" either, but I don't know. We discussed xml:id during 2.0 development, and nobody even hinted at the possibility that it would be legal to have a SAML ID as well as a foreign ID attribute. I suspect no XSD-validating parsers would handle it, and if it were legal it might just be a loophole that gets closed anyway. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]