[mdx] EntityAttributes support
Leif Johansson
leifj at it.su.se
Fri Jun 19 07:57:44 PDT 2009
On Tuesday 19 May 2009 23.52.35 Scott Cantor wrote:
> I just checked in the change to implement the extraction of metadata
> attributes/assertions in the SP per the draft, in place of the limited
> support I had in 2.1.
>
> In particular, I just went for broke and implemented complete evaluation of
> assertions inside the attribute extraction step, with a dedicated metadata
> provider, and optionally a dedicated trust engine and attribute filter, so
> you can separate all that logic from regular SP trust processing rules.
>
> The only "hack" was that I had to decide how to represent the metadata of
> an issuer of entity attribute assertions, so I picked an
> AttributeAuthorityDescriptor as the closest fit. I could do an additional
> metadata role extension for this if people don't like that idea. A
> "MetadataAuthorityDescriptorType"? Seems like the AA role is good enough,
> it's limited to attribute statements anyway.
An AA sounds like close enough of a match to me.
Cheers Leif
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.iay.org.uk/pipermail/mdx-iay.org.uk/attachments/20090619/f2c4bf52/attachment-0002.pgp>
More information about the mdx
mailing list