OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [security-services] Groups - sstc-saml-conform-1[1].1-draft-04.doc uploaded


Hi Prateek,

I'm fine with most of the changes you made to the conformance spec, but I
don't really agree with the following one: "For convenience, we will refer
to a SAML request as an Authentication, Attribute, AuthorizationDecision,
IDReference or Artifact query with the obvious meaning."  

While this is fine for authn, attributes, and authz decision queries, I
don't think ID references and Artifact should be in the list.  They are
specific types of "requests", not queries".  Eve had actually made a number
of edits in draft-02 as a result of some committee and list discussion to
remove some of the exact phrasing you put back in.  This was done in order
to be more precise.

I also noticed you added 2 additional lines (4 new test cases) to table 1.
While this might actually be the right types of changes to make, I think the
last call process requires that we should have discussed the proposed
changes on the list and confirm them at a meeting before making the changes.
I personally thought they were a bit more than editorial since they added
test cases.  Note that I'm actually fine with the first of these (Assertion
ID Reference producer and consumer), but the other one (assertion artifact)
seems to be somewhat redundant with the Browser/artifact Profile test cases
which address that request, although some clarifying text would be useful in
that one also. 

I'll add this to the agenda for discussion at tomorrow's meeting.

Rob Philpott 
RSA Security Inc. 
The Most Trusted Name in e-Security 
Tel: 781-515-7115 
Mobile: 617-510-0893 
Fax: 781-515-7020 
mailto:rphilpott@rsasecurity.com 


> -----Original Message-----
> From: pmishra@netegrity.com [mailto:pmishra@netegrity.com]
> Sent: Monday, May 19, 2003 2:01 PM
> To: security-services@lists.oasis-open.org
> Subject: [security-services] Groups - sstc-saml-conform-1[1].1-draft-
> 04.doc uploaded
> 
> The document sstc-saml-conform-1[1].1-draft-04.doc has been submitted by
> Prateek Mishra (pmishra@netegrity.com) to the Security Services TC
> document repository.
> 
> Document Description:
> Updates based on comments received during last call
> 
> Download Document:
> http://www.oasis-
> open.org/apps/org/workgroup/security/download.php/2129/sstc-saml-conform-
> 1%5B1%5D.1-draft-04.doc
> 
> View Document Details:
> http://www.oasis-
> open.org/apps/org/workgroup/security/document.php?document_id=2129
> 
> 
> PLEASE NOTE:  If the above links do not work for you, your email
> application
> may be breaking the link into two pieces.  You may be able to copy and
> paste
> the entire link address into the address field of your web browser.
> 
> -OASIS Open Administration
> 
> 
> You may leave a Technical Committee at any time by visiting
> http://www.oasis-open.org/apps/org/workgroup/security-
> services/members/leave_workgroup.php


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]