Subject: Re: Groups - Action Item Modified: #0294 Propose text and schemachange f...
Filling in details from Eve's template (note that I'm not 100% sure about my use of terminology, so please review):

> If you can supply the following, I can turn it into a publishable form:
>
> - Who originally reported the issue and where

Ari Kermaier
http://lists.oasis-open.org/archives/security-services/200704/msg00068.html

> - Which original SAML OASIS Standard doc(s) and/or schemas are
>   problematic

SAML 2.0 Core spec for the NameIDMapping protocol

> - Relevant section number(s) at issue

Section 3.8.2

> - Line number(s) (in the PDF)

lines 2721-2724

> - Description of the issue and rationale for changing it

Spec defines the NameIDMappingResponseType as extending StatusResponseType with the addition of a choice of saml:NameID or saml:EncryptedID element. The schema does not indicate minOccurs="0", making exactly one of these elements required in any samlp:NameIDMappingResponse. What is the response supposed to look like if an error Status is being returned? I would assume that the NameID/EncryptedID would have to be omitted, but the schema doesn't allow it.

> - One or more options for how to change the original text, with
>   exact text options

Line 2710: Change "[Required]" to "[Optional]"

After Line 2712, add:

"In the case of a Success response, one of these elements MUST be included. In the case of an error response, these elements SHOULD be omitted. Note that the specification, as originally published, erroneously made these elements mandatory. For compatibility, receivers SHOULD ignore these elements if present in an error response."

Line 2721: Add minOccurs="0" to choice:

    <complexType name="NameIDMappingResponseType">
        <complexContent>
            <extension base="samlp:StatusResponseType">
                <choice minOccurs="0">
                    <element ref="saml:NameID"/>
                    <element ref="saml:EncryptedID"/>
                </choice>
            </extension>
        </complexContent>
    </complexType>

-Greg

On 5/17/07 8:26 AM, "bcampbell@pingidentity.com" <bcampbell@pingidentity.com> wrote:

> OASIS Security Services (SAML) TC member, Mr Brian Campbell has modified
> this action item.
>
> Number: #0294
> Description: Propose text and schema change
> Owner: Greg Whitehead
> Status: Open
>
> Comments:
> Mr Brian Campbell 2007-05-17 13:26 GMT
>
> http://lists.oasis-open.org/archives/security-services/200704/msg00068.html
>
> Is the original post on the subject and
>
> http://lists.oasis-open.org/archives/security-services/200704/maillist.html
>
> has pointers to the numerous replies.
>
> View Details:
> http://www.oasis-open.org/apps/org/workgroup/security/members/action_item.php?action_item_id=1817
>
> PLEASE NOTE: If the above links do not work
> for you, your email application may be breaking the link into two pieces. You
> may be able to copy and paste the entire link address into the address field
> of your web browser.

- OASIS Open Administration
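The receiver-side rule proposed in the message above (identifier required on Success, ignored if present on an error), as an added example that is not part of the original e-mail or of any SAML implementation. The function names `mapped_identifier` and `sample` and the sample messages are constructed for illustration.

```python
import xml.etree.ElementTree as ET

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success"
RESPONDER = "urn:oasis:names:tc:SAML:2.0:status:Responder"
ID_TAGS = (f"{{{SAML}}}NameID", f"{{{SAML}}}EncryptedID")


def mapped_identifier(xml_text):
    """Return (status, identifier element or None) for a NameIDMappingResponse.

    Assumes the message has already been authenticated (signature or binding
    checks) and that untrusted XML goes through a hardened parser in real use;
    ElementTree keeps this example dependency-free.
    """
    root = ET.fromstring(xml_text)
    if root.tag != f"{{{SAMLP}}}NameIDMappingResponse":
        raise ValueError("not a samlp:NameIDMappingResponse")
    code = root.find(f"{{{SAMLP}}}Status/{{{SAMLP}}}StatusCode")
    status = code.get("Value") if code is not None else None
    if not status:
        raise ValueError("missing top-level samlp:StatusCode")
    ids = [child for child in root if child.tag in ID_TAGS]
    if status != SUCCESS:
        # Error response: identifiers SHOULD be omitted. Senders following the
        # schema as originally published may include one, so ignore it.
        return status, None
    if len(ids) != 1:
        # Success response: exactly one NameID or EncryptedID MUST be present.
        raise ValueError("Success response without exactly one identifier")
    return status, ids[0]


def sample(status, body=""):
    """Build a constructed sample message (not captured traffic)."""
    return (f'<samlp:NameIDMappingResponse xmlns:samlp="{SAMLP}" '
            f'xmlns:saml="{SAML}" ID="_constructed" Version="2.0" '
            f'IssueInstant="2007-05-17T13:26:00Z"><samlp:Status>'
            f'<samlp:StatusCode Value="{status}"/></samlp:Status>{body}'
            f'</samlp:NameIDMappingResponse>')


if __name__ == "__main__":
    name_id = "<saml:NameID>constructed-subject</saml:NameID>"
    for status, body in [(SUCCESS, name_id), (RESPONDER, ""), (RESPONDER, name_id)]:
        got_status, ident = mapped_identifier(sample(status, body))
        print(got_status.rsplit(":", 1)[1], None if ident is None else ident.text)
```
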