[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] New Schedule for SAML 2.0 Standardization
>Eve, please tell me why its unnecessary to hold an interop event as its >unnecessary to have a lot of things (like conformance suite) but the TC >does? I don't see an interop on schedule or in any discussions. Providing >interoperability should be a core aspect of every OASIS standard (as this >is why we do stds). But "should be" and "is" aren't the same thing. It's not a requirement that an OASIS specification (probably a preferable term, only a few bodies can create "standards") undergo anything expect a vote to CD, public review, response, attestations of "use", and submission for final vote (I think that's the whole list, I'm sure somebody will correct me). I don't think you can argue that "formal interop event" is part of the required process, though you can certainly argue it should be. Also, I assumed the point of requiring attestations is ostensibly to demonstrate that the spec has been used in some capacity that demonstrates basic soundness. And that's a precondition for final submission, not CD approval, unless I'm confused. We could adopt a stricter requirement as to what constitutes "use", though I'm not sure it's necessary. SAML 1.x did well enough without it. >I for one have no idea about the implementation or interoperability issues >(or non issues) until an interop is done, so its hard to vote to take what >we have to CD. Why? CD doesn't mean it can't be changed, it just has to go back through review if there's a problem. Getting to CD allows people to implement with some confidence that the spec won't radically change unless a problem is found, leading to...interop testing. Will we get enough people testing if we don't put a stake in the ground? Plus which, how could one argue that it will take more time to just do another CD and review cycle than to wait for a formal interop to even get to CD? Why wait? >I think that with all the changes in SAML 2.0 that an interop is perfectly >appropriate. Not saying I agree or disagree, but I would note that most of the pieces in their progenitive form have undergone extensive interop testing, in the form of Liberty. Yes, there are changes, but it's more testing than SAML 1.0 or 1.1 got. >Are you also saying that I can't bring this issue up now as time has >passed ? I think the tone was more "why bring this up now, when we've been planning a CD vote for months?" -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]