[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: SAML interop decision checklist
The SSTC has been working on this under the name of Metadata. Check out: http://www.oasis-open.org/apps/org/workgroup/security/download.php/1924/draf t-sstc-saml-meta-data-06.doc Hal > -----Original Message----- > From: Michael.Mccormick@WellsFargo.COM > [mailto:Michael.Mccormick@WellsFargo.COM] > Sent: Monday, May 19, 2003 3:55 PM > To: saml-dev@lists.oasis-open.org; liberty-review-project@ls.fstc.org > Cc: Jim.Majure@mortgage.wellsFargo.COM; goldenbj@WellsFargo.COM > Subject: SAML interop decision checklist > > > We all know SAML compliance != interoperability. Two SSO > products could be > "SAML compliant" yet be totally unable to support intersite transfer of a > user from one to the other. This is because SAML is a framework > that leaves > many decisions to the implementer. > > Based on all the interop activity, did anyone capture a checklist or > guidelines for the key decisions / agreements that must be made by the > participating parties in order to interoperate under the browser profile? > > I'm talking about decisions like: > 1. Digital signing - how much (if at all)? which elements? > 2. Mutual SSL > 3. Recognized CA & revocation check process for certs > 4. SAML source ID convention > 5. Schema validation > 6. SAML extensions > 7. User naming conventions > 8. Logoff coordination > 9. Redirect URLs for certain events > > etc. etc. A checklist or simple Interop Cookbook would be really > valuable. > > > Michael McCormick > System Architect > Wells Fargo Services Company > Enterprise Architecture > 100 Washington Avenue South, Suite 606 > MAC N9327-060 > Minneapolis MN 55479 > > * 612-667-9227 (voice) > > * 612-590-1437 (cell) > * 612-621-1318 (pager) > > * 612-667-7642 (fax) > > * mailto://michael.mccormick@wellsfargo.com > > * m.mccormick@acm.org > "THESE OPINIONS ARE STRICTLY MY OWN AND NOT NECESSARILY THOSE OF WELLS > FARGO" > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: saml-dev-unsubscribe@lists.oasis-open.org > For additional commands, e-mail: saml-dev-help@lists.oasis-open.org > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]