element indicates the identity of the client who is making a request. The server may use this to parameterize any aspect of its processing. Profiles that make use of this element MUST define its semantics.
The child element can be used by profiles to carry information related to the claimed identity. One possible use of is to carry authentication data that authenticates the request as originating from the claimed identity (examples of authentication data include a password or SAML Assertion [SAMLCore1.1], or a signature or MAC calculated over the request using a client key).
The claimed identity may be authenticated using the security binding, according to section 6, or using authentication data provided in the element. The server MUST check that the asserted is authenticated before relying upon the .
The element indicates which language the client would like to receive InternationalStringType values in. The server should return appropriately localized strings, if possible.
The element can appear multiple times in a request. It indicates additional profiles which modify the main profile specified by the Profile attribute (thus the Profile attribute MUST be present; see sections 3.1 and 4.1 for details of this attribute). The interpretation of additional profiles is determined by the main profile.
The element provides an in band mechanism for communicating XML schemas required for validating an XML document.
An XML schema is itself an XML document, however, only the following attributes, defined in dss:DocumentType, are meaningful for the element:
Used by relying XML document to identify a schema.
The target namespace of the schema (i.e. the value of the targetNamespace attribute).
MUST NOT be used.
MUST NOT be used.
Note: It is recommended to use xml:id as defined in [xml:id] as id in the payload being referenced by a , because the schema then does not have to be supplied for identifying the ID attributes.
2.9Common Optional Outputs
These optional outputs can be used with both the signing protocol and the verifying protocol.
The element is typically used as an optional input in a . However, there are situations where it may be used as an optional output. For example, a service that makes use of the mechanism may, after verifying a signature over an input document, generate a signature over a document of a different schema than the input document. In this case the element MAY be used to communicate the XML schemas required for validating the returned XML document.
For a description of the element see section 2.8.5.