Comments on Simon's proposed DataTypes: - subject-category:codebase: this should be anyURI (it is usually a URL) - subject-category:requesting-machine o we should have two requesting machine categories: requesting-machine-ip-address requesting-machine-dns-name o then both can be xsi:string - subject:subject-id: we can't say the "default is xsi:string" since DataType is required. - subject:subject-category: should be anyURI (see list in B.2 - they are all URNs) - subject:subject-id-qualifier: SAML says type not specified. I suggest we let DataType specify the type or else say anyURI - subject:authentication-method: SAML uses anyURI, I suggest same - resource:resource-id: description says "This identifier indicates the entire URI of the resource." I believe this should say "This identifier indicates the name of the resource." I think we need to let DataType determine the type (it might be a string, it might be a URL, it might be a URN, etc.) - action:actionNamespace: should be anyURI to fit with SAML's use Anne -- Anne H. Anderson Email:
Anne.Anderson@Sun.COM Sun Microsystems Laboratories 1 Network Drive,UBUR02-311 Tel: 781/442-0928 Burlington, MA 01803-0902 USA Fax: 781/442-1692