
security-services message



Subject: Updated Work Item and Use-Case List


I have updated the work item and use-case list. I have also added some
comments in terms of the disposition of the various use-cases etc. The model
here is that in some cases we only need to reconcile the various use-cases,
whereas in other cases we need to choose between them by voting.

- prateek

This document summarizes active work items and relevant use-cases. If there is a work-item I 
have missed, or you feel should be live, this is the time to speak up.

In some cases, the use-case is obvious
(e.g., flows from SP to IdP); in other cases, there is only a single use-case;
finally, there are work items where there is a range of use-cases.

In these cases, we may need to vote to decide on the scope of the item. However, sometimes multiple use-cases
reflect very problem scenarios and simply need to be reconciled. 

I have added annotations under the heading DISPOSITION to each work item reflecting my judgement in this space. 
Work items with multiple use-cases are marked either as "VOTE" or "RECONCILE". Of course, the TC may choose to change
these annotations.

I have included all of the work items with links to use-cases. Every referenced document is available from the OASIS repository.

----------------------------------------------------------------------------------------------------

W-1 Session Support

UC-W1-1: Base use case --- Support for Sessions as found in ID-FF 1.1

Described in Sections 3.2.4, 5.6 of liberty-architecture-overview-v1.1.pdf

I believe session-related requirements of use-case document 
http://lists.oasis-open.org/archives/security-services/200310/doc00000.doc
are also fully met by this architecture.


UC-W1-2: Advanced support for sessions -- time-out and session linking

draft-session-management-02

and

http://lists.oasis-open.org/archives/security-services/200310/doc00001.doc


DISPOSITION: VOTE ON WHETHER TO INCLUDE ADVANCED SUPPORT FOR SESSIONS

------------------------------------------------------------------------------------------------

W-2 Identity Federation

UC-W2-1: Base use case -- as described in ID-FF 1.1

Section 3.2.1, Section 5.4 of liberty-architecture-overview-v1.1.pdf

UC-W2-2: Extension to include use of "one-time identifier"

http://lists.oasis-open.org/archives/security-services/200310/doc00002.doc

DISPOSITION: RECONCILE

------------------------------------------------------------------------------------------------

W-2a SSO with Attribute Exchange

UC-W2a-1: Use case is described in sstc-sso-attribute-exchange-02

--------------------------------------------------------------------------------------------

W-3: Meta-data and Exchange Protocol

UC-W3-1: 

sstc-cantor-w3-metadata-01

and also in

http://lists.oasis-open.org/archives/security-services/200311/msg00018.html

DISPOSITION: RECONCILE


-------------------------------------------------------------------------------------------

W-4: Protocol Enhancements for Metadata

This item does not require a use-case; it is a work item that is a consequence of W3

--------------------------------------------------------------------------------------------


W-5: SSO Profile Extensions

UC-W5-1: Add flows from SP to IdP in SAML 2.0
http://lists.oasis-open.org/archives/security-services/200310/4

DISPOSITION: Combine with W-5a and VOTE
------------------------------------------------------------------------------------------

W-5a: Enhanced Client Profiles

UC-W5a-1: LECP use-case is described in
03-09-18-lecp-proposal-v4.pdf


W5a-2: Generic SOAP client use-case
http://lists.oasis-open.org/archives/security-services/200310/doc00003.doc

DISPOSITION: VOTE ON WHICH SSO PROFILE EXTENSIONS TO INCLUDE IN SAML 2.0

-----------------------------------------------------------------------------------------

W-7: Discovery Protocol

UC-W7-1: ID-FF 1.1 describes the use-case of finding an identity provider when at an SP
Section 5.5, liberty-architecture-overview-v1.1.pdf

----------------------------------------------------------------------------------------

W-8: Authentication Context

UC-W8: We need some way to indicate both requested authentication strength (from the SP)
and report on authentication strength (IdP).

http://lists.oasis-open.org/archives/security-services/200310/msg00216.html

--------------------------------------------------------------------------------------

W-15: Delegation and Intermediaries

UC-W15: This use-case involves the situation where a user is delivering assertions, via a browser,
to a middle-tier component which needs to "forward" the assertions to a back-end system.

http://lists.oasis-open.org/archives/security-services/200310/msg00194.html

--------------------------------------------------------------------------------------

W-17: Credential Collector and Assertions

UC-W17: oasis-sstc-v2.0-credentials_collector-use_cases-moses-02

------------------------------------------------------------------------------------

W-19: HTTP-Based Assertion Referencing



W-19-1: Scheme for retrieving SAML assertions using an HTTP GET
        draft-sstc-assertion-uri-01 

------------------------------------------------------------------------------------

W-21 Baseline Attribute Namespaces

UC-W21-1: Convention for use of X500/LDAP Attribute Types in SAML
http://www.oasis-open.org/apps/org/workgroup/security/download.php/4124/draft-morgan-saml-attr-x500-00.pdf

UC-W21-2: Proposes going beyond X500/LDAP to RDB and/or UDDI
http://lists.oasis-open.org/archives/security-services/200311/msg00010.html

DISPOSITION: VOTE ON WHETHER TO GO BEYOND X500/LDAP 

-----------------------------------------------------------------------------------

W-25: Kerberos Support

UC-W25-1: Bridge Server Use-Case



UC-W25-2: Browser/Kerberos Use-Case

both are described in draft-sstc-use-kerberos-01.pdf

DISPOSITION: VOTE ON WHICH USE-CASES TO INCLUDE IN SAML 2.0

--------------------------------------------------------------------------------------

W-28a: Attribute Reconciliation

UC-28a-1: 28b-draft-solution-0[1].1.pdf

UC-28a-2: sstc-cantor-w28a-attrib-01.pdf

UC-28a-3: http://lists.oasis-open.org/archives/security-services/200311/msg00015.html

DISPOSITION: RECONCILE


--------------------------------------------------------------------------------------

W-28d: IssuerName Enhancement


UC-28d-1: Use-case and solution proposal in

28d-draft-solution-0[1].1


-------------------------------------------------------------------------------------

W-30: Migration Paths


Use-Case pending finalization of SAML 2.0 work items and scope

-----------------------------------------------------------------------------------






