OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: RE: [security-services] OASIS SSTC letter to authors of WS-Security(draft)

Is it our intent to move forward with the use of WS-Security for the SAML SOAP profile even if it is never taken over by a standards body? If the answer is no then we should probably state that directly by adding a sentence of the form...
 
"The OASIS Security Services Technical Committee feels that movement towards open standardization of WS-Security is a requirement for it to be incorporated into the upcoming SOAP profile for SAML."
 
If the answer is yes, then I'm concerned about the stability and adoption of it and the negative effect that could have on interoperability for the SAML SOAP profile.
 
-Allen
 
 -----Original Message-----
From: Mishra, Prateek [mailto:pmishra@netegrity.com]
Sent: Friday, June 14, 2002 9:05 AM
To: 'jpe_pato@hp.com'; 'security-services@lists.oasis-open.org'; 'Jeff.Hodges@sun.com'
Subject: [security-services] OASIS SSTC letter to authors of WS-Security (draft)

Folks,

 

this is the proposed text of the message we plan to send to WS-Security authors.
I am circulating it to the list as (1) we voted on the contents on the message, not
its exact form, so here is a last chance to object, (2) neither jeff nor joe was on the
call, so here is a chance for them to object.

 

Bob M. and Prateek

-----------------------------------------------------------------------------------------------------

 

 

In April 2002, Microsoft and IBM jointly published a document entitled

"Security in a Web Services World: A Proposed Architecture and

Roadmap" (http://www.verisign.com/wss/architectureRoadmap.pdf), and

Microsoft, IBM, and VeriSign published a companion specification, "Web

Services Security (WS-Security) Version 1.0"

(http://www.verisign.com/wss/wss.pdf). The OASIS Security Services

Technical Committee, which has produced the Security Assertion Markup

Language (SAML) specification, considers these documents to be

important contributions to web services security. The SSTC views the

WS-Security technical specification as complementary to SAML, and

intends to use WS-Security in specifying the use of SAML for adding

security features to SOAP messages.

The SSTC urges the authors of the WS-Security specification to submit

the specification to an open standards body for further development,

standardization, and building of industry consensus. In particular,

intellectual property rights issues regarding this specification and

its technologies should be addressed to enable broad use of this work.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC