
I'm a bit concerned that this might be read as asserting that a application/samlassertion+xml object must use the specific namespace prefix "saml", rather than any namesp[ace prefix that maps to a SAML namespace URI.
good catch, thanks.
Assuming this is not being claimed, I'd suggest: [[ Additional information:
Magic number(s): In general, the same as for application/xml [RFC3023]. In particular, the XML root element of the returned object will be <saml:Assertion>, where "saml" as any namespace prefix that maps to a version-specific SAML assertion namespace URI, as defined by the appropriate SAML "core" specification (see bibliography). In the case of SAMLv2.0, the root element of the returned object may be either <saml:Assertion> or <saml:EncryptedAssertion>, where "saml" is a prefix that maps to the SAMLv2.0 assertion namespace URI: urn:oasis:names:tc:SAML:2.0:assertion. ]]
how 'bout this build: Magic number(s): In general, the same as for application/xml [RFC3023]. In particular, the XML root element of the returned object will be <saml:Assertion>, where "saml" represents any XML namespace prefix that maps to a version-specific SAML assertion XML namespace URI, as defined by the appropriate version-specific SAML "core" specification (see bibliography). With SAMLv2.0 specifically, the root element of the returned object may be either <saml:Assertion> or <saml:EncryptedAssertion> , where "saml" is an XML namspace prefix that maps to the SAMLv2.0 assertion namespace URI: urn:oasis:names:tc:SAML:2.0:assertion. ? thanks, JeffH