|
0162: Proposal to replace SAML AuthenticationMethod
Ids
|
|
Owner: John Kemp
|
|
Status: Open
|
|
Assigned: 11 May 2004
|
|
Due: ---
|
|
Comments:
Prateek Mishra 2004-05-11 05:37 GMT
Replace AuthNMethod Ids by AuthNContext
framework
|
|
|
|
#0160: Separate Privacy concerns language from
Element/Attribute descriptions
|
|
Owner: Prateek Mishra
|
|
Status: Open
|
|
Assigned: 30 Apr 2004
|
|
Due: ---
|
|
Comments:
Prateek Mishra 2004-04-30 18:14 GMT
Jeff H - We need to highlight privacy considerations related to core, could
be notes in core, could be section.
*** AI: Prateek - will generate list potential changes from core
|
|
|
|
#0158: Propose changes to definition of Federation in
glossary
|
|
Owner: Prateek Mishra
|
|
Status: Open
|
|
Assigned: 30 Apr 2004
|
|
Due: ---
|
|
Comments:
|
|
|
|
#0157: Define Binding and Profile in Glossary
|
|
Owner: Jeff Hodges
|
|
Status: Open
|
|
Assigned: 30 Apr 2004
|
|
Due: ---
|
|
Comments:
Prateek Mishra 2004-04-30 18:10 GMT
o "atomic unit of interoperability" proposed
|
|
|
|
#0154: Schema changes so that AuthenticationMethod
and AuthContext are parallel choices
|
|
Owner: John Kemp
|
|
Status: Open
|
|
Assigned: 30 Apr 2004
|
|
Due: ---
|
|
Comments:
Prateek Mishra 2004-04-30 17:58 GMT
We need to resolve if we will deprecate SAML AuthenticationMethod
*** AI: On hold - make schema changes so that AM and AuthContext
are parallel choices
|
|
|
|
#0151: Limit number of supported combinations
|
|
Owner: Prateek Mishra
|
|
Status: Open
|
|
Assigned: 29 Apr 2004
|
|
Due: ---
|
|
Comments:
Prateek Mishra 2004-04-29 22:04 GMT
o PM- just because we can do it 3 ways doesn't mean
we have to define them as SAML approved. Need to pull their weight. Somebody
needs to drive this discussion. So who is going to this?
*** AI: Prateek takes ownership of driving a discussion on limiting
combinations.
|
|
|
|
#0150: Relax Single AuthNStatement
Constraint
|
|
Owner: Scott Cantor
|
|
Status: Open
|
|
Assigned: 29 Apr 2004
|
|
Due: ---
|
|
Comments:
Prateek Mishra 2004-04-29 22:02 GMT
o SC- Response Profile more extensive than that for AuthnRequest
o IR - the restriction that there be only a single AuthenticationStatement
is too strict, SC- OK (will change)
*** AI: Scott: Relax AuthenticationStatement
Occurrence
|
|
|
|
#0147: Chairs to solicit comment from saml-dev
on gzip encoding
|
|
Owner: Prateek Mishra
|
|
Status: Open
|
|
Assigned: 29 Apr 2004
|
|
Due: ---
|
|
Comments:
Prateek Mishra 2004-04-29 21:57 GMT
Prateek wants to avoid having multiple encoding methods, and a working
consensus in favor of the gzip approach appears to
be developing.
o Jeff Hodges suggests that implementers' comments
be solicited, and Prateek recommends that the chairs send a message to the saml-dev list.
*** AI: Chairs to solicit comments.
|
|
|
|
#0146: SOAP Binding works with WSS Model
|
|
Owner: Hal Lockhart
|
|
Status: Open
|
|
Assigned: 29 Apr 2004
|
|
Due: ---
|
|
Comments:
Prateek Mishra 2004-04-29 21:54 GMT
*** AI: Hal: Look at SOAP binding and make sure hand waving on WS-Security
works.
|
|
|
|
#0145: Encryption Schema and Examples
|
|
Owner: Hal Lockhart
|
|
Status: Open
|
|
Assigned: 29 Apr 2004
|
|
Due: ---
|
|
Comments:
Prateek Mishra 2004-04-29 21:53 GMT
Hal: Summary: agreement to encrypt SAML Attribute Statement. Allow encryption
of Assertion Statement, NameIdentifier and
Attribute Statement.
*** Follow-up: Need schema and some examples.
|
|
|
|
#0144: Explain optional subject decision
|
|
Owner: Eve Maler
|
|
Status: Open
|
|
Assigned: 29 Apr 2004
|
|
Due: ---
|
|
Comments:
Prateek Mishra 2004-04-29 21:51 GMT
*** AI: Eve: Optional subject implemented in core spec prose. Schema shows
that subject is optional.
o Eve: Has wanted to create a rationale for some of the decisions made on
spec. Decision on subject less statements is a good example of what needs to
be documented. Making an explicit design decision that is not really explicit
on. By choosing to add prose to core spec we're making a stealth abstract
profile (generic design decision) that applies to all explicit profiles.
o Scott: data model (design) decision to require
subjects in all SAML statements.
|
|
|
|
#0143: Check SAML schema for consistency
|
|
Owner: Eve Maler
|
|
Status: Open
|
|
Assigned: 29 Apr 2004
|
|
Due: ---
|
|
Comments:
Prateek Mishra 2004-04-29 21:49 GMT
*** Follow-up: Examine SAML schema for consistent use of XML attributes vs.
elements
|
|
|
|
#0141: Review/fix boilerplace
text for Artifact Protocol
|
|
Owner: Eve Maler
|
|
Status: Open
|
|
Assigned: 27 Apr 2004
|
|
Due: ---
|
|
Comments:
Prateek Mishra 2004-04-27 15:24 GMT
o Prateek: Should we sign or authenticate?
***Follow-up: Review/fix boilerplate text re: recommendation for protecting
messages
|
|
|
|
#0138: Schema snippet for UID Attribute Profile
|
|
Owner: Scott Cantor
|
|
Status: Open
|
|
Assigned: 27 Apr 2004
|
|
Due: ---
|
|
Comments:
Prateek Mishra 2004-04-27 15:10 GMT
XML schema for UID/OID plus friendly name
|
|
|
|
#0137: Propose text for core on validity of assertions
|
|
Owner: Bob Morgan
|
|
Status: Open
|
|
Assigned: 27 Apr 2004
|
|
Due: ---
|
|
Comments:
Prateek Mishra 2004-04-27 15:07 GMT
http://lists.oasis-open.org/archives/security-services/200404/msg00048.html
|
|
|
|
#0134: Availability of GZIP Implementations
|
|
Owner: Greg Whitehead
|
|
Status: Open
|
|
Assigned: 27 Apr 2004
|
|
Due: ---
|
|
Comments:
Prateek Mishra 2004-04-27 14:58 GMT
- Greg to ensure that readily available GZIP implementations
can conform to our description in bindings
|
|
|
|
#0132: Text to explain privacy reqts
when using certain NameFormat values
|
|
Owner: John Kemp
|
|
Status: Open
|
|
Assigned: 13 Apr 2004
|
|
Due: ---
|
|
Comments:
|
|
|
|
#0131: Migration document describing changes to subject in
SAML 2.0
|
|
Owner: Jeff Hodges
|
|
Status: Open
|
|
Assigned: 13 Apr 2004
|
|
Due: ---
|
|
Comments:
Prateek Mishra 2004-04-13 04:31 GMT
Explain how treatment of subjects have changed in going from SAML 1.X
to SAML 2.0. This might be an action for Scott?
|
|
|
|
#0130: Respond to paper on SAML 1.1 Browser Profiles
|
|
Owner: Prateek Mishra
|
|
Status: Open
|
|
Assigned: 29 Mar 2004
|
|
Due: ---
|
|
Comments:
Prateek Mishra 2004-03-29 17:04 GMT
Maryann Hondo and Prateek Mishra to draft response to paper by Thomas Gross.
|
|
|
|
#0128: Liason with XRI Data
Interchange
|
|
Owner: Hal Lockhart
|
|
Status: Open
|
|
Assigned: 02 Mar 2004
|
|
Due: ---
|
|
Comments:
Prateek Mishra 2004-03-02 04:33 GMT
Hal will generate a posting on possible need to liaison.
|
|
|
|
#0125: Propose language to explain that AuthNResponse
may contain attribute statements
|
|
Owner: Prateek Mishra
|
|
Status: Open
|
|
Assigned: 16 Feb 2004
|
|
Due: ---
|
|
Comments:
Prateek Mishra 2004-02-16 14:46 GMT
Easy to do but needs proposal on validity of assertion life-times as well.
|
|
|
|
#0123: Obtain MIME type registration for HTTP lookup of
SAML
|
|
Owner: Jeff Hodges
|
|
Status: Open
|
|
Assigned: 13 Feb 2004
|
|
Due: ---
|
|
Comments:
|
|
|
|
#0117: Describe use-cases for attribute-based SSO in
relationship to ID-FF 1.2 NameIdPolicy
|
|
Owner: Prateek Mishra
|
|
Status: Open
|
|
Assigned: 11 Feb 2004
|
|
Due: ---
|
|
Comments:
|
|
|
|
#0114: Propose language to address attribute-based
federation
|
|
Owner: Prateek Mishra
|
|
Status: Open
|
|
Assigned: 19 Jan 2004
|
|
Due: ---
|
|
Comments:
http://lists.oasis-open.org/archives/security-services/200312/msg00064.html
|
|
|
|
#0105: Respond to IBM Analysis Paper
|
|
Owner:
|
|
Status: Open
|
|
Assigned: 19 Jan 2004
|
|
Due: ---
|
|
Comments:
Prateek Mishra 2004-01-19 23:09 GMT
- [ACTION] Scott & Tony to make recommendations based on IBM security
analysis paper
|