Subject: Re: [security-services] comment on saml-loa-authncontext-profile:remove 800-63 schemas
Thanks Scott, when I wrote 'linking to the profiles', I was referring
to potential future class schemas derived for the 2 InCommon profiles,
not the SAML LOA AC profile doc. For the AC LOA doc, I'm inclined to
replace the NIST section with a example.foo.com. I was suggesting that, for any future AC class schema for Bronze & Silver derived from the above base schema, the references should not be directly to the InCommon IAP doc (http://www.incommonfederation.org/docs/assurance/InC_Bronze-Silver_IAP_1.0_Final.pdf), but rather to the broader IAAF program doc (http://www.incommonfederation.org/docs/assurance/InC_IAAF_1.0_Final.pdf). But that's for InCommon to decide.

paul

Scott Cantor wrote:
> Paul Madsen wrote on 2009-05-01:
>> 1) can you point me to the corresponding URIs?
>
> I don't think they're 100% baked yet.
>
>> The AC class mechanism would have us (or InCommon) jump through the hoop
>> of defining a set of class schemas that then linked to the profiles through
>> the <Documentation> kluge ..
>
> Yes, that was one of the reasons I wasn't sure using them was the "right
> thing". Perhaps using a declaration is more appropriate. The theory of this
> approach to LOA is that none of the other details matter and have all been
> abstracted into that number.
>
>> 2) Is linking to the profiles, directly or indirectly, the right thing?
>> Should we not link to appropriate sections of the InCommon framework docs,
>> i.e. to ensure that the profiles are interpreted in the context of the full
>> IAAF?
>
> I don't think this document should link to anything. I think that was the
> point being made, that it can't do so other than as purely example material.
>
>> 3) I can't find any info on how the IAQs are expressed on the wire. As
>> attributes?
>
> TBD, but we have to support SAML 1.1, so using an Attribute is a logical
> choice. Additionally, we defined the metadata tagging extension partly to
> enable things like tagging entities with the LOAs that they can assert, and
> that would be an Attribute anyway.
>
> -- Scott