Please review: DRAFT Reg of application/samlassertion+xml
Jeff.Hodges at KingsMountain.com
Jeff.Hodges at KingsMountain.com
Mon Sep 20 18:28:11 CEST 2004
> On Monday, September 20, 2004, 12:23:33 PM, Graham wrote:
>
> GK> That wording looks OK to me.
>
> GK> One additional point to consider, but I think it's marginal: the case when
> GK> the default namespace is a SAML namespace. (In practice, I think anyone
> GK> who knows enough about XML to use this stuff will understand that case is
> GK> implied, but maybe it's better to be explicit.)
>
> I agree (especially in a section on magic numbers and by extension,
> magic strings) its better to avoid any mention of potentially magical
> prefixes in the registration document.
>
> Just state the URI of the namespace or namespaces. Since this is a +xml
> type, its okay to assume that an XML processor is being used rather than
> plain text regexps and so on. State the element local name and its
> namespace, and you are all set.
>
Ok, how about this...
Magic number(s):
In general, the same as for application/xml [RFC3023]. In
particular, the XML root element of the returned object will be
<Assertion>, and will be in one of the version-specific SAML
assertion XML namespaces, as defined by the appropriate version-
specific SAML "core" specification (see bibliography).
With SAMLv2.0 specifically, the root element of the returned
object may be either <saml:Assertion> or <saml:EncryptedAssertion>,
where "saml" represents any XML namspace prefix that maps to the
SAMLv2.0 assertion namespace URI:
urn:oasis:names:tc:SAML:2.0:assertion.
JeffH
More information about the Ietf-types
mailing list