8 messages in org.oasis-open.lists.security-servicesAuthenticator to Subject Confirmation...| From | Sent On | Attachments |
|---|---|---|
| Hallam-Baker, Phillip | Aug 21, 2001 11:03 am |  .bin |
| Tim Moses | Aug 21, 2001 11:17 am | |
| George Robert Blakley III | Aug 21, 2001 11:33 am | |
| Carlisle Adams | Aug 21, 2001 12:11 pm | |
| Tim Moses | Aug 21, 2001 12:18 pm | |
| Hallam-Baker, Phillip | Aug 21, 2001 1:14 pm | .bin |
| George Robert Blakley III | Aug 21, 2001 1:28 pm | |
| Hallam-Baker, Phillip | Aug 21, 2001 2:26 pm | .bin |
| Subject: | Authenticator to Subject Confirmation renaming | |
|---|---|---|
| From: | Hallam-Baker, Phillip (pba...@verisign.com) | |
| Date: | Aug 21, 2001 11:03:48 am | |
| List: | org.oasis-open.lists.security-services | |
| Attachments: | bin00032.bin - 0.3k | |
This is the new text:
1.1.1 Element <Subject> The <Subject> element specifies a party by any of the following means: * A name. * By information that allows the party to be authenticated. * By reference to another assertion or by containment of another assertion. If a <Subject> element contains more than one subject specification the issuer is asserting that all the subject specifications present specify the same subject. For example if both a <NameIdentifier> and a <Authenticator> element are present the issuer is asserting that the authentication data authenticates the party with the specified name. The following schema defines the <Subject> element: <element name="Subject" type="saml:SubjectType"/> <complexType name="SubjectType"> <choice maxOccurs="unbounded"> <element ref="saml:NameIdentifier" minOccurs="0" maxOccurs="unbounded"/> <element ref="saml:SubjectConfirmation" minOccurs="0" maxOccurs="unbounded"/> <element ref="saml:AssertionSpecifier" minOccurs="0" maxOccurs="unbounded"/> </choice> </complexType> 1.1.1.1 Element <SubjectConfirmation> The <SubjectConfirmation> element specifies a subject by specifying data that authenticates the subject. <AuthenticationMethod>[Any number] Each <Authentication> element specifies a URI that identify a protocol that may be used to authenticate the subject. <SubjectConfirmationData>[Optional] Each <SubjectConfirmationData> element specifies additional authentication information used by a specific authentication protocol. <ds:KeyInfo>[Optional] An XML Signature <ds:KeyInfo> element that specifies a cryptographic key held by the subject. URIs identifying common authentication protocols are specified in Section 4 . The following schema defines the <SubjectConfirmation> element: <element name="SubjectConfirmation" type="saml:SubjectConfirmationType"/> <complexType name="SubjectConfirmationType"> <sequence> <element ref="saml:AuthenticationMethod" maxOccurs="unbounded"/> <element name="SubjectConfirmationData" type="string" minOccurs="0"/> <element ref="ds:KeyInfo" minOccurs="0"/> </sequence> </complexType>
Phillip Hallam-Baker FBCS C.Eng. Principal Scientist VeriSign Inc. pba...@verisign.com 781 245 6996 x227 <<Phillip Hallam-Baker (E-mail).vcf>>