OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

wss-comment message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [wss-comment] Passing binary data in SAML Assertion Token

A SAML Attribute Statement can contain attributes containing binary values encoded as base64. An application or Authorization Policy can make whatever use it wishes of that information. However, the sender and receiver would have to agree on the format and semantics of the data, by publishing a Profile or by private agreement or some other means.
A SAML assertion can also contain binary information (encoded as base64) as a part of the Subject or Subject Confirmation method. For example, a Public key could be included to allow the receiver to subsequently verify the subject's identity by means of a signature.
-----Original Message-----
From: Tony Opatha [mailto:topatha@yahoo.com]
Sent: Friday, September 19, 2003 7:01 PM
To: wss-comment@lists.oasis-open.org
Subject: [wss-comment] Passing binary data in SAML Assertion Token

Is it possible to include binary data in an SAML Assertion token such that
the token is used to identify a SOAP client by inclusion of the token in the
SOAP Security Extension header i.e., <wss:security> element?
In the SAML spec it seems like there is a way to pass non-XML application
data that may be processed by a receiving party's security service?
It is possible to include binary data in SAML token as part of <saml:Attribute> 
and would conforming WSS SOAP Security implementation accept a SAML
token passed in the SOAP security header with binary token data included in
the Assertion token containing AttributeStatement in binary form?
Any help will be appreciated.

Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]