shibboleth-dev - RE: XACML method of referencing X.500-defined attribute types
Subject: Shibboleth Developers
List archive
- From: Scott Cantor <>
- To: 'RL 'Bob' Morgan' <>, 'Shibboleth Design Team' <>
- Subject: RE: XACML method of referencing X.500-defined attribute types
- Date: Thu, 13 Feb 2003 10:58:53 -0500
- Importance: Normal
- Organization: The Ohio State University
> Where a suitable attribute is already defined in LDAP
> [LDAP-1, LDAP-2],
> the XACML identifier SHALL be formed by adding the
> attribute name to the
> URI of the LDAP specification. For example, the attribute name for
> the userPassword defined in the rfc2256 SHALL be:
>
> http://www.ietf.org/rfc/rfc2256.txt#userPassword
My strawman was basically something like:
urn:mace:shibboleth:attribute:LDAP:objectClass:attrName
But I see that in X.500, attributes don't really have identity within a
class, the class just arbitrarily groups them.
-- Scott
------------------------------------------------------mace-shib-design-+
For list utilities, archives, subscribe, unsubscribe, etc. please visit the
ListProc web interface at
http://archives.internet2.edu/
------------------------------------------------------mace-shib-design--
- XACML method of referencing X.500-defined attribute types, RL 'Bob' Morgan, 02/13/2003
- RE: XACML method of referencing X.500-defined attribute types, Scott Cantor, 02/13/2003
Archive powered by MHonArc 2.6.16.