
wss message



Subject: ACTION[Ron]: Proposal for STR ValueType. (issue 250)



The optional ValueType attribute of the (Direct) reference sub element of STR is used to indicate the type of the token being referenced.

The optional ValueType attribute of the KeyIdentifier sub element of STR is
used to type the key identifier.

If a key identifier STR is to identify the type of the referenced token, either an additional attribute must be invented (to represent the token type), or the value assigned to the ValueType attribute must identify the type of the identifier and the type of the referenced assertion.

The opposite is true where there is a need to define the type or format
of a direct reference.

I raised these issues while trying to define a keyIdentifier reference to a SAML token, without requiring either

    1. that a ValueType attribute always be defined on keyIdentifier
    2. that a specified key identifier valueType be bound to a particular type or version of referenced security token

Proposed resolution:

There should be a well-known attribute (e.g. TokenType) available within the STR element that can be used to define the type of the referenced token. There should be another well known and common attribute (e.g. ValueType) that can be used to type the reference. This attribute could also be in the STR, or it could appear as ValueType does, in the individual reference form elements.

It would also be a good idea to change the name of the ValueType attribute, to something like ReferenceType, to signal a clear break from the previous semantics.

Ron
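
An added illustration of the proposal above, not part of the original message or of any WSS specification text: a small resolver that reads one STR under the current semantics and under the proposed split, showing which type is unrecoverable in each case. The unqualified `TokenType` attribute, the `urn:example:*` values and the name `describe_str` are assumptions made for this example.

```python
import xml.etree.ElementTree as ET

# WSS 1.0 secext namespace; every urn:example:* value below is a constructed placeholder.
WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
SAML_TOKEN = "urn:example:token:saml-assertion"
ASSERTION_ID = "urn:example:ref:assertion-id"

# Constructed sample: key identifier STR carrying the proposed (hypothetical) TokenType.
KEYID_STR = f"""<wsse:SecurityTokenReference xmlns:wsse="{WSSE}" TokenType="{SAML_TOKEN}">
  <wsse:KeyIdentifier ValueType="{ASSERTION_ID}">constructed-id-1</wsse:KeyIdentifier>
</wsse:SecurityTokenReference>"""

# Constructed sample: direct reference typed the current way (ValueType = token type).
DIRECT_STR = f"""<wsse:SecurityTokenReference xmlns:wsse="{WSSE}">
  <wsse:Reference URI="#constructed-token" ValueType="{SAML_TOKEN}"/>
</wsse:SecurityTokenReference>"""


def describe_str(xml_text, proposed=False):
    """Return (form, token_type, reference_type) for one SecurityTokenReference."""
    str_el = ET.fromstring(xml_text)
    if str_el.tag != f"{{{WSSE}}}SecurityTokenReference":
        raise ValueError("not a SecurityTokenReference")
    for form in ("Reference", "KeyIdentifier"):
        child = str_el.find(f"{{{WSSE}}}{form}")
        if child is not None:
            break
    else:
        raise ValueError("no Reference or KeyIdentifier child")
    value_type = child.get("ValueType")
    if proposed:
        # Proposal: an STR-level attribute names the token type and the
        # child's ValueType types only the reference itself.
        return form, str_el.get("TokenType"), value_type
    if form == "Reference":
        return form, value_type, None   # current: ValueType names the token type
    return form, None, value_type       # current: ValueType types the key identifier


if __name__ == "__main__":
    print(describe_str(KEYID_STR))                 # token type cannot be determined
    print(describe_str(KEYID_STR, proposed=True))  # both types available
    print(describe_str(DIRECT_STR))                # reference type cannot be determined
```

A receiver that selects its token validation path from the token type can only do so for the key identifier form when the type is carried separately, as in the `proposed=True` result.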




