OASIS Mailing List Archives

security-services message



Subject: Use of Audience as delegation flag


An internal comment from Oracle about the use of an <Audience> element 
to "flag" an assertion that might be delegated.

In sstc-saml-constrained-delegation-draft-00 an audience element with value:

    urn:oasis:names:tc:SAML:2.0:profiles:delegation

is used to signal delegation.

Now, core-02 describes <audience> in the following way:

<Audience>

A URI reference that identifies an intended audience. The URI reference
MAY identify a document that describes the terms and conditions of
audience membership. It MAY also contain the unique identifier URI from
a SAML name identifier that describes a system entity (see Section 8.3.6).


The question is whether this is an appropriate use of <Audience>. The
introduction of a new element, as is the case for <OneTimeUse> and
<ProxyRestriction>, might be more appropriate.

----------------------



