[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Should ValueType attribute of STR reference element be moved to toplevel STR definition?
The optional attribute ValueType of the (Direct) reference sub element
of STR
is used to indicate the type of the token being referenced.
The optional ValueType attribute of the KeyIdentifier sub element of STR is
used to type the key identifier.
If the ValueType attribute of the STR reference sub element were moved up to
the containing STR element, it could apply to either type of token
reference.
As the schema is currently defined an additional attribute must be invented
if a key identifier STR is to identify the type of the referenced token.
The alternative is that the keyIdentifier ValueType must both define the
type of the identifier and imply the type of the referenced assertion.
I realize we have had related discussions. I am trying to define a
keyIdentifer
reference to a SAML token, without requiring either
1. that a ValueType attribute always be defined on keyIdentifier
2. that a specified key identifier valueType be imply
a particular type of referenced security token
It seems that the existing schema is inappropriately overloaded wrt
ValueType.
Ron
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]