Please review: DRAFT Reg of application/samlassertion+xml
chris at w3.org
Mon Sep 20 19:12:09 CEST 2004
On Monday, September 20, 2004, 6:28:11 PM, Jeff wrote:
>> On Monday, September 20, 2004, 12:23:33 PM, Graham wrote:
>> GK> That wording looks OK to me.
>> GK> One additional point to consider, but I think it's marginal: the case when
>> GK> the default namespace is a SAML namespace. (In practice, I think anyone
>> GK> who knows enough about XML to use this stuff will understand that case is
>> GK> implied, but maybe it's better to be explicit.)
>> I agree (especially in a section on magic numbers and by extension,
>> magic strings) its better to avoid any mention of potentially magical
>> prefixes in the registration document.
>> Just state the URI of the namespace or namespaces. Since this is a +xml
>> type, its okay to assume that an XML processor is being used rather than
>> plain text regexps and so on. State the element local name and its
>> namespace, and you are all set.
JHKc> Ok, how about this...
JHKc> Magic number(s):
JHKc> In general, the same as for application/xml [RFC3023]. In
JHKc> particular, the XML root element of the returned object will be
JHKc> <Assertion>, and will be in one of the version-specific SAML
JHKc> assertion XML namespaces, as defined by the appropriate version-
JHKc> specific SAML "core" specification (see bibliography).
JHKc> With SAMLv2.0 specifically, the root element of the returned
JHKc> object may be either <saml:Assertion> or <saml:EncryptedAssertion>,
JHKc> where "saml" represents any XML namspace prefix that maps to the
JHKc> SAMLv2.0 assertion namespace URI:
Yeas, that is a lot better.
Chris Lilley mailto:chris at w3.org
Chair, W3C SVG Working Group
Member, W3C Technical Architecture Group
More information about the Ietf-types