[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [xspa-comment] Again on the XSPA namespace
Hello Massimiliano, XSPA 1.0’s
urn:oasis:names:tc:xspa:1.0:subject:subject-id is semantically equivalent to XACML’s
urn:oasis:names:tc:xacml:1.0:subject:subject-id. This was an issue in XSPAv1.0 and that’s why XSPA SAML profile v2.0 is going to deprecate
urn:oasis:names:tc:xspa:1.0:subject:subject-id and use
urn:oasis:names:tc:xacml:1.0:subject:subject-id to stay consistent with XACML.
The value of the attribute is a string in both cases but my understanding is that XSPA is silent about whether or not it should
be a human-readable name. A copy of the XSPA-SAMLv2.0 CSD is posted at:
https://www.oasis-open.org/committees/download.php/57755/saml-xspa-v2.0-wd10-20160316.docx Regards, Mohammad Jafari, Ph.D. Chair, OASIS Cross-Enterprise Security and Privacy Authorization (XSPA) Technical Committee Veteran Health Administration, Department of Veteran Affairs (Edmond Scientific Company) From: Massimiliano Masi [mailto:massimiliano.masi@tiani-spirit.com]
Hi All, This mail is to ask for clarification about the Subject:Subject-ID element. As far as I always assumed, this is a free text string containing the human readable name of the user. The idea is to match it one-to-one with the XACML’s one subject-id, which however does not limit its datatype to string. Is this correct? If so, which name should it have? In XSPA-XACML, section 2.12.1 it is stated: "The name will be typed as a string and in plain text with an identifying tag of <urn:oasis:names:tc:xspa:1.0:subject:subject-id>" While in the table 2 it is stated urn:oasis:names:tc:xacml:1.0:subject:subject-id. What is the correct value? The reason of the question is because the IHE XUA profile, makes use of the XSPA
attribute name. Moreover, any planned date on the XSPAv2.0? Thanks in Advance,
Massimiliano -- |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]