The formatting went crazy in the last
email, so this is the 3rd try. Sorry for the re-posts.
From: Atul
Tulshibagwale [mailto:atul@trustgenix.com]
Sent: Monday, April 11, 2005 1:34
PM
To: 'security-services@lists.oasis-open.org'
Cc: 'andy.moir@oasis-open.org'
Subject: FW: Objection to Ping
Identity Referral Service Provider Proposal
From: Atul
Tulshibagwale [mailto:atul@trustgenix.com]
Sent: Monday, April 11, 2005 1:17
PM
To: 'andy.moir@oasis-open.org'
Subject: Objection to Ping
Identity Referral Service Provider Proposal
To OASIS SSTC / Other TCs responsible for this.
Andy,
This email is to formally notify OASIS about objections from
Trustgenix to Ping Identity’s proposal for becoming a “Referral
Service Provider” for SAML Testing. While we will not discuss the
technical merits of the proposal in this email, Trustgenix strongly objects to
having a vendor in this space be responsible for running the SAML conformance
testing as there is are several obvious conflict of interest:
- Ping Identity commercially
markets the PingDeploy program and any feedback that the OASIS community
provides to this program will enable Ping Identity to receive free
intellectual property from the community. We as a competing vendor will
not be able to provide such feedback and strengthen a product of our competitor.
I’m sure there are other vendors who would also think the same and
therefore would not be able to make this a good conformance specification
- Ping Identity is a vendor in
this space and would be inclined to make the conformance specification
suitable to its implementation. Based on the objection in (a) above, it
will not be in the interest of other vendors to point out the weaknesses
in this specification
- In running the service Ping
Identity stands to gain intelligence about competitors products and intellectual
property from its competitors. Trustgenix will not be able to participate
in testing with Ping Identity for these reasons.
Best regards,
Atul