[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Should ValueType attribute of STR reference element be moved to toplevel STR definition?
The optional attribute ValueType of the (Direct) reference sub element of STR is used to indicate the type of the token being referenced. The optional ValueType attribute of the KeyIdentifier sub element of STR is used to type the key identifier. If the ValueType attribute of the STR reference sub element were moved up to the containing STR element, it could apply to either type of token reference. As the schema is currently defined an additional attribute must be invented if a key identifier STR is to identify the type of the referenced token. The alternative is that the keyIdentifier ValueType must both define the type of the identifier and imply the type of the referenced assertion. I realize we have had related discussions. I am trying to define a keyIdentifer reference to a SAML token, without requiring either 1. that a ValueType attribute always be defined on keyIdentifier 2. that a specified key identifier valueType be imply a particular type of referenced security token It seems that the existing schema is inappropriately overloaded wrt ValueType. Ron