Please review: DRAFT Reg of application/samlassertion+xml

Graham Klyne GK at ninebynine.org
Mon Sep 6 17:41:16 CEST 2004


At 09:06 01/09/04 -0700, Jeff.Hodges at KingsMountain.com wrote:
>Additional information:
>
>       Magic number(s):
>            In general, the same as for application/xml [RFC3023]. In
>            particular, the XML root element of the returned object will be
>            <saml:Assertion>, where "saml" maps to a version-specific SAML
>            assertion namespace, as defined by the appropriate SAML "core"
>            specification (see bibliography). In the case of SAMLv2.0, the
>            root element of the returned object may be either
>            <saml:Assertion> or <saml:EncryptedAssertion>, where "saml"
>            maps to the SAMLv2.0 assertion namespace:
>            urn:oasis:names:tc:SAML:2.0:assertion

I'm a bit concerned that this might be read as asserting that a 
application/samlassertion+xml object must use the specific namespace prefix 
"saml", rather than any namesp[ace prefix that maps to a SAML namespace URI.

Assuming this is not being claimed, I'd suggest:
[[
Additional information:

       Magic number(s):
            In general, the same as for application/xml [RFC3023]. In
            particular, the XML root element of the returned object will be
            <saml:Assertion>, where "saml" as any namespace prefix that maps
            to a version-specific SAML assertion namespace URI, as defined by
            the appropriate SAML "core" specification (see bibliography).
            In the case of SAMLv2.0, the root element of the returned object
            may be either <saml:Assertion> or <saml:EncryptedAssertion>,
            where "saml" is a prefix that maps to the SAMLv2.0 assertion
            namespace URI:  urn:oasis:names:tc:SAML:2.0:assertion.
]]

#g


------------
Graham Klyne
For email:
http://www.ninebynine.org/#Contact




More information about the Ietf-types mailing list