Please review: DRAFT Reg of application/samlassertion+xml

Chris Lilley chris at w3.org
Mon Sep 20 13:37:29 CEST 2004 

On Monday, September 20, 2004, 12:23:33 PM, Graham wrote:

GK> Jeff,

GK> That wording looks OK to me.

GK> One additional point to consider, but I think it's marginal:  the case when
GK> the default namespace is a SAML namespace.  (In practice, I think anyone
GK> who knows enough about XML to use this stuff will understand that case is
GK> implied, but maybe it's better to be explicit.)

I agree (especially in a section on magic numbers and by extension,
magic strings) its better to avoid any mention of potentially magical
prefixes in the registration document.

Just state the URI of the namespace or namespaces. Since this is a +xml
type, its okay to assume that an XML processor is being used rather than
plain text regexps and so on. State the element local name and its
namespace, and you are all set.

GK> #g
GK> --

GK> At 11:52 06/09/04 -0700, you wrote:
>> > I'm a bit concerned that this might be read as asserting that a
>> > application/samlassertion+xml object must use the specific namespace
>> prefix
>> > "saml", rather than any namesp[ace prefix that maps to a SAML namespace
>> URI.
>>
>>
>>good catch, thanks.
>>
>>
>> > Assuming this is not being claimed, I'd suggest:
>> > [[
>> > Additional information:
>> >
>> >        Magic number(s):
>> >             In general, the same as for application/xml [RFC3023]. In
>> >             particular, the XML root element of the returned object will be
>> >             <saml:Assertion>, where "saml" as any namespace prefix that
>> maps
>> >             to a version-specific SAML assertion namespace URI, as 
>> defined by
>> >             the appropriate SAML "core" specification (see bibliography).
>> >             In the case of SAMLv2.0, the root element of the returned
>> object
>> >             may be either <saml:Assertion> or <saml:EncryptedAssertion>,
>> >             where "saml" is a prefix that maps to the SAMLv2.0 assertion
>> >             namespace URI:  urn:oasis:names:tc:SAML:2.0:assertion.
>> > ]]
>>
>>
>>how 'bout this build:
>>
>>
>>         Magic number(s):
>>              In general, the same as for application/xml [RFC3023]. In
>>              particular, the XML root element of the returned object will be
>>              <saml:Assertion>, where "saml" represents any XML namespace
>>              prefix that maps to a version-specific SAML assertion XML
>>              namespace URI, as defined by the appropriate version-specific
>>              SAML "core" specification (see bibliography).
>>
>>              With SAMLv2.0 specifically, the root element of the returned
>>              object may be either <saml:Assertion> or 
>> <saml:EncryptedAssertion>
>>,
>>              where "saml" is an XML namspace prefix that maps to the SAMLv2.0
>>              assertion namespace URI: 
>> urn:oasis:names:tc:SAML:2.0:assertion.
>>
>>
>>?
>>
>>thanks,
>>
>>JeffH

GK> ------------
GK> Graham Klyne
GK> For email:
GK> http://www.ninebynine.org/#Contact




-- 
 Chris Lilley                    mailto:chris at w3.org
 Chair, W3C SVG Working Group
 Member, W3C Technical Architecture Group

More information about the Ietf-types mailing list