OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Comments on CD 3 and their resolution


1. Announcement of SAML public review, December 15
http://lists.oasis-open.org/archives/members/200412/msg00007.html

2. Comments and Resolution


2.1 NameIDPolicy Format use clarification

Comment:
http://lists.oasis-open.org/archives/security-services/200412/msg00056.html

Relationship between NameIDPolicy and encrypted NameID

Resolution:
No change to specification.

Not considered to be a use-case included within SAML
2.0
http://lists.oasis-open.org/archives/security-services/200412/msg00057.html


2.2 Should
urn:oasis:names:tc:SAML:2.0:nameid-format:encrypted be
listed in Section 8.3?

Comments:
http://lists.oasis-open.org/archives/security-services/200412/msg00058.html
http://lists.oasis-open.org/archives/security-services/200412/msg00060.html

Resolution:
No change to specification. Usage adequately described
in Section 3.4.1.1
http://lists.oasis-open.org/archives/security-services/200412/msg00061.html

2.3 Incorrect reference to
urn:oasis:names:tc:SAML:2.0:nameid-format:encrypted 
on line 2481 of core

Comment:
http://lists.oasis-open.org/archives/security-services/200412/msg00065.html

Resolution:

Removed from specification text (2498-2499 of core
03c)

http://lists.oasis-open.org/archives/security-services/200412/msg00066.html

2.4 Inconsistency between SLO description in core and
profiles

Comments:
http://lists.oasis-open.org/archives/security-services/200412/msg00063.html

Resolution:
Core 3c-diff (2642-2668, 2537-2539) and Profiles
3c-diff (1157-1158, 1214-1229,
1243-1248) updated to reflect the following semantics
http://lists.oasis-open.org/archives/security-services/200501/msg00035.html
as summarized in 
http://lists.oasis-open.org/archives/security-services/200501/msg00049.html

2.5 Proposed core/bindings/profiles clarifications

Comment:
http://lists.oasis-open.org/archives/security-services/200412/msg00069.html

Resolution:
Comment describes several minor fixes to the
specification set.

2.6 Updates to Section 3.3 of conformance

Comments:
http://lists.oasis-open.org/archives/security-services/200412/msg00084.html
http://lists.oasis-open.org/archives/security-services/200501/msg00005.html

Resolution:
Updates made to Section 3.3 of conformance 3a, as
described in:
http://lists.oasis-open.org/archives/security-services/200501/msg00039.html


2.7 Typo in Profile line 1367

Comment:
http://lists.oasis-open.org/archives/security-services-comment/200412/msg00001.html

Resolution:
Fixed on line 1390 of profiles 03c.

2.8 Status of Session Timeouts in SAML 2.0

Comment:
http://lists.oasis-open.org/archives/security-services-comment/200412/msg00000.html

Resolution:
No change to specification.

http://lists.oasis-open.org/archives/security-services/200501/msg00064.html

2.9 Seek further information on SAML use-cases etc.

Comment:
http://lists.oasis-open.org/archives/security-services-comment/200501/msg00000.html

Resolution:
No change to specification
http://lists.oasis-open.org/archives/security-services/200501/msg00065.html

2.10 Comments and suggestions about aspects of CD 3

Comment:
http://lists.oasis-open.org/archives/security-services-comment/200501/msg00001.html

Resolution:
Added following items to SAML 2.0 errata document:


(1) Replace reference to [RFC 1510] by reference to
[RFC 1964] on line 3309 of core 3c.

(2) Replace lines 259-263 of conformance 3a by:

SAML 2.0 implementations MUST implement all
encryption ciphers and cipher
modes specified as mandatory in [XMLEnc].

http://lists.oasis-open.org/archives/security-services/200501/msg00069.html


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]