Just some small editorial suggestions...

Section 3, third paragraph, "However for other name formats, including...", strike "for".

Same paragraph, the sentence "So, based on who is named by the name, the semantics of the attribute can be determined." doesn't read terribly well. Which "name" are we talking about? I think you mean the name of the issuer, not the name of the attribute, but it's unclear since the document as a whole is mostly about attribute naming.

Section 4, fourth paragraph, "trust context is an important part of the context", I suggest "trust context is an important part of this overall context".

Same paragraph, there's an "AA" missing a third A.

Substantive questions on section 6:

I think you're proposing the name "urn:ietf:params:gss-eap:saml-aaa-assertion" be shared by both GSS-EAP and GSS-SAML-EC? I'm not a name bigot, I don't much care about it, but I wonder about the use of both gss-eap and more so "-aaa-" in a name used with a mechanism that's neither EAP nor AAA. Is there a reason not to just use a more generic name?

I note in particular the "-aaa-" part is missing from the SAML attribute section 6.2 constant, so maybe this was an oversight. They should be consistent in any case.

There's also the question of value representation. Is the intent here to capture the value as expressed in XML directly, or the value subsequent to local processing such as a SAML implementation might perform? I think we need to say something, but I'll refrain from suggesting anything until we answer that question.

Finally, I would add a third section to cover SAML NameID elements. A lot of SAML implementations do a poor job with attributes, and I've tended to always cover NameIDs in a consistent way to make sure those are handled uniformly so relying parties can deal with either. The value issue is also a consideration here, so I can propose text once we settle that.

In terms of naming, the <NameID>'s Format attribute is essentially the unique name you want, so it's a two part name, probably "urn:ietf:params:gss-eap:saml-nameid" and then the Format.

-- Scott
