Jeff, That wording looks OK to me. One additional point to consider, but I think it's marginal: the case when the default namespace is a SAML namespace. (In practice, I think anyone who knows enough about XML to use this stuff will understand that case is implied, but maybe it's better to be explicit.) #g -- At 11:52 06/09/04 -0700, you wrote:
I'm a bit concerned that this might be read as asserting that a application/samlassertion+xml object must use the specific namespace prefix "saml", rather than any namesp[ace prefix that maps to a SAML namespace URI.
good catch, thanks.
Assuming this is not being claimed, I'd suggest: [[ Additional information:
Magic number(s): In general, the same as for application/xml [RFC3023]. In particular, the XML root element of the returned object will be <saml:Assertion>, where "saml" as any namespace prefix that maps to a version-specific SAML assertion namespace URI, as defined by the appropriate SAML "core" specification (see bibliography). In the case of SAMLv2.0, the root element of the returned object may be either <saml:Assertion> or <saml:EncryptedAssertion>, where "saml" is a prefix that maps to the SAMLv2.0 assertion namespace URI: urn:oasis:names:tc:SAML:2.0:assertion. ]]
how 'bout this build:
Magic number(s): In general, the same as for application/xml [RFC3023]. In particular, the XML root element of the returned object will be <saml:Assertion>, where "saml" represents any XML namespace prefix that maps to a version-specific SAML assertion XML namespace URI, as defined by the appropriate version-specific SAML "core" specification (see bibliography).
With SAMLv2.0 specifically, the root element of the returned object may be either <saml:Assertion> or <saml:EncryptedAssertion> , where "saml" is an XML namspace prefix that maps to the SAMLv2.0 assertion namespace URI: urn:oasis:names:tc:SAML:2.0:assertion.
?
thanks,
JeffH
------------ Graham Klyne For email: http://www.ninebynine.org/#Contact