RE: [security-services] "Registration" process for third-party SAML customizations

["Philpott, Robert" <rphilpott@rsasecurity.com>]

+1.

Looks good - thanks Eve.

Rob Philpott
Senior Consulting Engineer 
RSA Security Inc. 
Tel: 781-515-7115 
Mobile: 617-510-0893 
Fax: 781-515-7020 
mailto:rphilpott@rsasecurity.com

> -----Original Message-----
> From: John Kemp [mailto:john.kemp@nokia.com]
> Sent: Tuesday, October 26, 2004 4:07 PM
> To: ext Eve L. Maler
> Cc: 'security-services@lists.oasis-open.org'
> Subject: Re: [security-services] "Registration" process for
third-party
> SAML customizations
> 
> Hi Eve,
> 
> The only quibble I would have with this statement is that I don't
> consider further profiling to be an example of SAML "extensibility".
In
> most cases, it seems to me that particular groups of SAML users will
> wish to further profile the specifications - by creating new protocol
> profiles, or new authentication classes. In other cases, groups will
> decide to extend the SAML schema (to create new Conditions for
example).
> 
> But I guess all I would do to your statement below is to amend the
first
> couple of sentences to read something like:
> 
> "SAML is designed both for extensibility and general applicability. It
> is anticipated that some SAML users may wish to further profile or
> extend the SAML specifications, by custom-designing their own protocol
> profiles, attribute profiles..."
> 
> - JohnK
> 
> ext Eve L. Maler wrote:
> 
> > Forgot to bring this up on today's call.  Any comments?  I don't
think
> > we particularly need to rush to get this settled as long as we do it
> > by the time V2.0 is final; it probably needs a quorate discussion,
so
> > that'll be Nov 9.  (I think Mary McRae also wanted a chance to
> > convince me that we should be using the OASIS Registry for this...)
> >
> >     Eve
> >
> > Eve L. Maler wrote:
> >
> >> Here's the sort of thing I was thinking of adding to the SAML
website
> >> regarding a "registration" process.  What do you all think?
> >>
> >> ========
> >> SAML Customizations:
> >>
> >> SAML is designed for extensibility, and it is anticipated that some
> >> SAML users will want to custom-design their own profiles, attribute
> >> profiles, authentication context classes, and/or extensions as
> >> appropriate for their purposes.  The SSTC invites third parties who
> >> are customizing SAML to notify us of the existence of their
> >> documented SAML usage so that we can list and link to the documents
> >> on this site.  This listing is intended to help other SAML users
more
> >> easily find and use existing customizations.
> >>
> >> It is expected that any such customization document adhere to any
> >> guidelines set forth in the relevant SAML specification; as one
> >> example of a guideline, each profile must be assigned a unique URI.
> >>
> >> To notify the SSTC of your customization, use the [link: comment
> >> form].  The SSTC reserves the right not to list any customization,
> >> and no endorsement by the SSTC of any listed customization is
implied.
> >>
> >> If you are an OASIS member and wish to contribute a SAML profile or
> >> other customization to the SSTC for consideration in future work on
> >> SAML, please refer to the OASIS TC process for the proper way to
make
> >> a contribution.
> >> ========
> >>
> >>     Eve
> >
> >
> 
> 
> To unsubscribe from this mailing list (and be removed from the roster
of
> the OASIS TC), go to http://www.oasis-
>
open.org/apps/org/workgroup/security-services/members/leave_workgroup.ph
p.