[OGSA-AUTHZ] VO SAML Attribute Profile
Krzysztof Benedyczak
golbi at mat.uni.torun.pl
Tue Feb 5 17:04:34 CST 2008
Hello,
Tom Scavo wrote:
> A URL need not be resolvable. SAML, for example, recommends URLs for
> entityIDs (which are formally required to be URIs).
I'm not really sure what SAML authors thought when writing the
recommendation you mention:
"It is RECOMMENDED that a system entity use a URL containing its own
domain name to identify itself."
- for me it means that whenever possible to use locator - go on and use
it. Anyway URL is an informal concept and my personal feeling about it
is exactly as in RFC 3305.
But as we have your updated proposition below, I think that we can
safely skip this topic.
[CUT]
> Okay, let me propose the following compromise:
>
> group://voservice.uiuc.edu/gisolve.org/uiuc.edu/geog602#student
>
> In the case where the voservice is irrelevant or unnecessary, this
> reduces to
>
> group:///gisolve.org/uiuc.edu/geog602#student
>
> In fact, the syntax is exactly the same as the well-known file: URIs.
>
>
> What do you think? Is this better?
Definitively.
>> however at least partial compatibility with MACE-dir is tempting
>> too - that's why we proposed @ notation.
>
> I think we should give this profile our best shot, and then I'd be
> happy to carry it forward to MACE-Dir for further discussion.
Sounds good.
Best regards
Krzysztof
More information about the ogsa-authz-wg
mailing list