OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Subject: RE: [security-services] SAML Outreach Whitepaper


Darren,

	Good paper.

	Here are some parts of my presentation next week. I pieced them together
from Eve's presentation and other SAML resources. I have a couple of use
cases as well. If you think they would fit in, I could expand them.

cheers

 | -----Original Message-----
 | From: Platt, Darren [mailto:dplatt@rsasecurity.com]
 | Sent: Friday, January 04, 2002 10:54 AM
 | To: 'security-services@lists.oasis-open.org'
 | Subject: [security-services] SAML Outreach Whitepaper
 |
 |
 | Attached you will find a draft of the SAML whitepaper I've been
 | working on.
 | It still needs some wordsmithing - any suggestions are welcome.
 |
 | I tried to keep this high-level enough to hit the 'lowest common
 | denominator' among its readers.  I think a lot of people will be
 | focusing on
 | how SAML fits their business requirements(esp. project liberty
 | members) and
 | not all of them will be very technical, and some of them will not have a
 | background in security.  So I wanted to beat them over the head
 | a little bit
 | with the business relevence - let me know if you think too much.  Also
 | didn't want to get too detailed on the technology so as to scare those
 | people off.
 |
 | I probably have to work on consistency in the tense (future vs. present)
 | I've used.  I think it's probably best to talk about SAML in
 | present tense -
 | in other words saying "SAML does ...", instead of "SAML will do
 | ..." - but
 | I'm not sure.  Is there a commonly used convention for this that I don't
 | know about?
 |
 | I was also thinking of putting the producer/consumer (Domain) model in an
 | appendix too - anybody think that would be too much info?
 |
 | Any better or additional examples (about how SAML will be used)
 | you may have
 | would be great.  Also please let me know if you have any
 | suggestions for the
 | examples that are in there as well.
 |
 | I still need to make sure the example assertions (in the
 | Appendix) are still
 | accurate - 'borrowed' them from Eve's presentation so not sure how dated
 | they are.
 |
 | I guess I should include a "Reference" or "Further Reading" section with:
 | 	- OASIS website
 | 	- SSTC home page
 | 	- SSTC Docs Page
 | 	- Core 21, Bindings 7
 | 	- Producer/Consumer-Domain Model
 | 	- anything else?
 |
 | Should I say anything about SAML's status?
 |
 | Thanks,
 |
 | Darren
 |
 | ------------
 | Darren Platt
 | Technical Evangelist
 | RSA Security
 | direct: 415.652.2677
 | dplatt@rsasecurity.com
 |
 |

SAMLIdeas.zip

UseCase1.jpg

UseCase2.jpg

UseCase3.jpg



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Powered by eList eXpress LLC