[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: What shall we name our specification(s)?
Security Assertion Service Specification (SASS) ????? Authorization Assertion Service Specification (A2S2) ???? Phill > -----Original Message----- > From: christopher ferris [mailto:chris.ferris@east.sun.com] > Sent: Monday, January 29, 2001 5:13 PM > To: security-services@lists.oasis-open.org > Subject: Re: What shall we name our specification(s)? > > > Yes, but I thought that since we're designing > more than just a ML (e.g. we're attributing it with > protocol semantics) that the "ML" in the name was > too constraining. > > SAXP or Security Assertion eXchange Protocol would be > closer to what we're about, IMHO. > > Of course, this name omits the "Service" aspect > which is, I believe, one of the compelling aspects > of all of this work. Defining an interoperable service > "interface" (the Auth/Az Request/Response pairs) is as important > an aspect as the exchange of the assertions themselves > as it will allow for the development/migration of applications > that can delegate these (Auth o/e) functions to a blankety-blank > compliant service provider. > > Maybe Security Assertion Service and eXchange Protocol > (SASXP)? > > My $0.02, > > Chris > > George_Robert_Blakley_III@tivoli.com wrote: > > > > I second Marc's nomination here (in fact I think I > suggested the same > > thing). I think "SAML" is the most descriptive > > and accurately-scoped alternative. > > > > --bob > > > > Bob Blakley > > Chief Scientist, Security > > Tivoli Systems, Inc. > > > > "Chanliau, Marc" <MChanliau@netegrity.com> on 01/29/2001 03:56:11 PM > > > > To: "Orchard, David" <dorchard@jamcracker.com>, Philip > Hallam-Baker > > <pbaker@verisign.com>, "'Eve Maler'" <eve.maler@east.sun.com>, > > security-services@lists.oasis-open.org > > cc: > > Subject: RE: What shall we name our specification(s)? > > > > How about SAML (Security Assertion Markup Language). > > Marc Chanliau > > -----Original Message----- > > From: Orchard, David [mailto:dorchard@jamcracker.com] > > Sent: Monday, January 29, 2001 4:44 PM > > To: Philip Hallam-Baker; 'Eve Maler'; > > security-services@lists.oasis-open.org > > Subject: RE: What shall we name our specification(s)? > > > > I know you are keen on getting the focus on authorization, > but I'm not too > > interested in dropping authentication and keeping > authorization. Either > > authent +author, or neither would be my interest. > > > > Dave > > > > -----Original Message----- > > From: Philip Hallam-Baker [mailto:pbaker@verisign.com] > > Sent: Monday, January 29, 2001 12:23 PM > > To: 'Eve Maler'; security-services@lists.oasis-open.org > > Subject: RE: What shall we name our specification(s)? > > > > My objection to A2ML was that specifying Authentication in > the name to me > > implies that we would be supporting authenticated key > exchange, which is > > something I don't want to do in an OASIS group, that is > something I would > > prefer to do in a closed group of cryptographers and > network security > > protocol engineers. > > > > On the other hand "Authorization Assertion Markup > Language" would have the > > initials A2ML, thus indicating the warm touchy feely get > together vibes > > people want, being clearly a descendent of S2ML and Auth > XML (whose current > > voting success I take note of). > > > > Does anyone else have definite feelings towards the > binding of the second > > A? > > > > Phill >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC