[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Attributes in SAML 2.0 and Alignment with SPML 1.0
Thanks for the clarification. Oddly, this specific comment is missing from the version of your document I read ("Convention for Use of X.500/LDAP Attribute Types in SAML") but I did rediscover it in some of our minutes. - prateek -----Original Message----- From: RL 'Bob' Morgan [mailto:rlmorgan@washington.edu] Sent: Monday, March 15, 2004 8:17 PM To: Mishra, Prateek Cc: OASIS Security Services TC Subject: Re: [security-services] Attributes in SAML 2.0 and Alignment with SPML 1.0 On Mon, 15 Mar 2004, Mishra, Prateek wrote: > I have received the suggestion that our treatment of attributes in SAML > 2.0 be somewhat aligned with their treatment in SPML 1.0. As best as I > can figure out, SPML 1.0 uses the DSML 2.0 elements <dsml:DsmlAttr> and > <dsml:AttributeDescriptionValue> to represent X.500 attribute names and > values as XML elements. > > Could anyone comment on the strengths and weaknesses of this approach? This may be moot, but as regards attribute naming, as far as I can tell DSML makes the naive assumption that attributes can be well-named by their LDAP string descriptors (eg, "cn"). This is really inadequate for reasons I wrote about in my attribute-naming proposal document. - RL "Bob"
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]