Subject: Glossary issue with the term "Principal"
As I do not yet have the privilege to create issues in JIRA, I am sending this issue to the list.

SAML Glossary 2.0 defines the term Principal as "A system entity whose identity can be authenticated. [X.811]". Other definitions, however, contradict this by using "principal" implicitly for non-system entities (a.k.a. users), as in Account, Affiliation, IDP, Persistent Pseudonym, etc. In addition, this is not a correct citation of X.811, which says "An entity whose identity can be authenticated."

I suggest fixing this in 2.1 by clarifying the definition, e.g. with this wording:

"An entity whose identity can be authenticated and which can be the subject of a SAML assertion"

My rationale for raising this issue was that an "UnknownPrincipal" exception should have revealed, without using a debugger, that the cause was a metadata misconfiguration, not a problem with the user's login account.

- Rainer