OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Next rev of the SAML FAQ


Hi folks-- I'd like to get some help from you all as I revise the SAML 
FAQ.  Its first version was just to get something out there; now we need 
to upgrade it considerably, something I hope to do before the December 
holidays.  You can find it here:

   http://www.oasis-open.org/committees/security/faq.php

The questions currently covered are as follows:

1. General
     Q: What is SAML?
     Q: What is the need for this specification?
     Q: What has the SAML TC produced to date and what is the roadmap?
     Q: Who should be involved in this effort?
     Q: Who will benefit from this work and how?
     Q: How does this work compare with related efforts at other
        standard organizations?
2. Technical
     Q: What is the connection between acts of authentication and SAML
        authentication assertions?
     Q: How does SAML protect against "man-in-the-middle" and "replay"
        security attacks in general?
     Q: How is trust established between a client and a SAML authority?
     Q: Will SAML PDPs need to be configured to understand only selected
        authorization decision queries?
     Q: I don't currently use SOAP. Do I need to invent my own protocol
        for requesting and getting SAML assertions?

Can you all please send me, in private email, the questions that you 
have heard from customers/developers or wondered about yourself?  And, 
of course, if you have any comments on the existing questions and 
answers, send them my way.  You may want to ask your marketing folks for 
input on this; feel free to forward.

Thanks,

	Eve
-- 
Eve Maler                                        +1 781 442 3190
Sun Microsystems                            cell +1 781 354 9441
Web Products, Technologies, and Standards    eve.maler @ sun.com



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]