OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [security-services] errata: misuse of strongly matches


> In any event, it is specified that if the <NameID> element has no
> Format attribute, it is equivalent to one that has an "unspecified"
> Format attribute.  It seems this should be taken into account on lines
> 2600--2601 of SAMLCore and lines 1299--1301 of SAMLProf.  Otherwise
> there's an inconsistency with respect to <NameID>.

IMHO, I think it would be better to scrap the illusion that there's anyway
to define these kinds of things and make it clearer that implementations
ought to provide the hooks necessary to specify it at deployment time, with
some reasonable and self-evident defaults. Otherwise it's just going to be
an endless set of errata.

Even the one place where you're practically told to use XML equivalence,
attribute value filtering, is basically a non-starter. We've already
discarded the idea that that's possible, and are planning to put in hooks
for decoding the XML into a representation that allows custom matching rules
to be applied.

-- Scott



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]