[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: Draft Ballot for Issue Group 4
Darren, >Just one comment. In the issue 4-02 Attribute Authority, one of the >proposed resolutions says that the Attribute authority returns "an >AuthZ assertion containing authorization attributes". Based on our >developing domain model, I think it may be accurate to say that it >returns "attribute assertions". I'm not sure we have a new working >definition of "authZ assertions", and shouldn't include it in the >ballot. I agree that "authZ assertion" is a new and as-yet-unneeded term. However, I don't agree that the Attribute Authority returns a set of "attribute assertions" (which seems to be what you are implying). My take has been that in response to a query, the Attribute Authority would return a single assertion that contains a set of attributes about a principal. (I think this is what Prateek is suggesting. Prateek?) I think this disagreement(or is it just a misunderstanding?) points out the need for more clarification on what constitutes an assertion in SAML. (But perhaps this clarification takes place in the core subcommittee (?).) Regards, Marlena
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC