[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: IMPORTANT - Solicitation of implementation attestations for SAML 2.0
|
Hi folks, At the upcoming 09-Nov SSTC con-call (4 weeks from today) we
plan to vote to reaffirm the CD-02 documents as SSTC Committee Draft
specifications and presumably vote to officially submit SAML 2.0 to OASIS for
standardization. Assuming successful votes, the SSTC chairs must provide
submission documents to the OASIS TC administrator by 15-Nov. As part of this
submission, we must provide OASIS with statements from at least 3 member
organizations certifying that they are successfully using the V2.0
specifications. Without the attestations, we CAN NOT SUBMIT the V2.0
specifications to OASIS for standardization. If we miss the 15-Nov date, our
submission will be delayed at least one month. Thus, Prateek and I need everyone that has “successfully
used” the V2.0 specifications to PLEASE provide us with a statement
indicating that fact. In accordance with OASIS guidelines, attestations must be
made publicly to the SSTC mailing list. We'd like to ask that everyone that can do so provide these
statements AS SON AS POSSIBLE and not wait until right before the deadline. The following statement identifies the OASIS position on
defining the term "successfully using". It is taken from: http://www.oasis-open.org/committees/guidelines.php#spec_standard ----------------- Certification by at least three OASIS member
organizations that they are successfully using the specification. (Despite
numerous requests, the OASIS TC Administrator feels it is not in the TC's best
interests to further define the meaning of "successfully using". The
implementation could really be anything from prototypes or proof of concept all
the way up to shrink-wrapped software. Defining this further would only
restrict the definition and make it harder for member organizations to say that
they are successfully using the specification.) This certification can be in
the form of a simple statement in email from a company representative, e.g.
"I certify that XYZ company is successfully using...." The
implementers must also certify that their implementations comply with known IP
encumbrances (see IPR below). The submission should include the URLs of these
mail messages in the TC's email archive. ----------------- IPR declarations that affect SAML are described at: http://www.oasis-open.org/committees/security/ipr.php Thanks for your attention to this required step in the V2.0
submission process. Rob Philpott |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]