MHonArc v2.5.0b2 -->
xacml message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
[Date Index]
| [Thread Index]
| [List Home]
Subject: Re: Draft of profile for XACML-compatible SAML Attributes. Forwardedmessage from Eve L. Maler.
I think Eve's attached suggestion is good, and I have created
Draft 02 (attached) with the suggested change. For those of you
who haven't tried to tackle it yet, fear not: the content of this
Profile is only 22 lines of normative text.
--- Begin Message ---
I believe that, instead of the requirement for NameFormat:Name imposed
in the first paragraph of Section 3, what you really want is something
like this:
"A *SAML Attribute* to be used as input to an *XACML processor* SHALL
have a NameFormat attribute value of
'urn:oasis:names:tc:SAML:2.0:attname-format:uri'. The value of the
*SAML Attribute's* Name attribute SHALL be a URI reference that conforms
to this name format and that is sufficient to distinguish instances of
the given SAML Attribute from instances of other SAML or XACML
Attributes that have different semantics. ..."
In other words, if you want to use a semantically distinguished URI as
the SAML Attribute's name, SAML now lets you do this in a really clear
way. You simply need to indicate that the Name is intended to be a URI
by using the appropriate NameFormat value (given above).
Anne Anderson wrote:
> Attached is an initial draft of the Profile document that
> specifies the format for XACML-compatible SAML Attributes. This
> Profile, once approved by the XACML TC, will be submitted to the
> SSTC for inclusion in the SAML 2.0 set of specifications.
> The SAML attribute names - Name and NameFormat - are those used
> in the Rev 11 SAML 2.0 draft.
> Comments invited.
> Anne
Eve Maler +1 781 442 3190
Sun Microsystems cell +1 781 354 9441
Web Products, Technologies, and Standards eve.maler @
--- End Message ---
Anne H. Anderson Email: Anne.Anderson@Sun.COM
Sun Microsystems Laboratories
1 Network Drive,UBUR02-311 Tel: 781/442-0928
Burlington, MA 01803-0902 USA Fax: 781/442-1692
XACML Profile of SAML V2.0 Attributes, Draft 02
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
[Date Index]
| [Thread Index]
| [List Home]