security-services message

Subject: RE: [security-services] Roles for SAML 2.0 Metadata

From: Anthony Nadalin <drsecure@us.ibm.com>
To: <security-services@lists.oasis-open.org>
Date: Mon, 29 Dec 2003 20:25:38 -0600

No I understood the purpose of the role, I still have a problem with the "meta role" restriction, I don't understand why the restriction.

Anthony Nadalin | work 512.436.9568 | cell 512.289.4122
"Jahan Moreh" <jmoreh@sigaba.com>

"Jahan Moreh" <jmoreh@sigaba.com>
12/19/2003 12:53 PM
Please respond to jmoreh

To: Anthony Nadalin/Austin/IBM@IBMUS, <security-services@lists.oasis-open.org>
cc:
Subject: RE: [security-services] Roles for SAML 2.0 Metadata

Anothny -
I think you may have misunderstood my message. The concept of a "role" in this case is really that of a "participant". I.e., we are talking about the role that a SAML participant would take in communicating with another "participant". May be "participant" is also not a good name; may be we should call it a "meta role". In any case, this is specifcally NOT an arbitrary role that can be specified in an attribute assertion.

Jahan

------
Jahan Moreh
Chief Security Architect
310.286.3070

-----Original Message-----

From:

Anthony Nadalin [mailto:drsecure@us.ibm.com]

Sent:

Friday, December 19, 2003 8:09 AM

To:

security-services@lists.oasis-open.org

Subject:

Re: [security-services] Roles for SAML 2.0 Metadata

Why is this restricted to any role this seems like an artifact of Liberty ? These should just be attribute assertions that any role can use.

Anthony Nadalin | work 512.436.9568 | cell 512.289.4122
"Jahan Moreh" <jmoreh@sigaba.com>

"Jahan Moreh" <jmoreh@sigaba.com>
12/16/2003 01:48 PM
Please respond to jmoreh

To: <security-services@lists.oasis-open.org>
cc:
Subject: [security-services] Roles for SAML 2.0 Metadata

Colleagues - During our focus group discussion of today (December 16), we recognized the need for specifying metadata for various roles. Our discussion lead us to believe that SAML 2.0 metadata should recognize the following roles: 1. Identity provider 2. Service provider 3. Attribute provider Do people have any thoughts/comments on this matter? Thanks, Jahan ------ Jahan Moreh Chief Security Architect 310.286.3070 To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go tohttp://www.oasis-open.org/apps/org/workgroup/security-services/members/leave_workgroup.php.

Follow-Ups:
- RE: [security-services] Roles for SAML 2.0 Metadata
  - From: "Jahan Moreh" <jmoreh@sigaba.com>

References:
- RE: [security-services] Roles for SAML 2.0 Metadata
  - From: "Jahan Moreh" <jmoreh@sigaba.com>