[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] FW: Objection to Ping Identity ReferralService Provider Proposal
As you requested on the call just now, here's a followup message with my own concerns and a few others I'm hearing on the call: - General sense of a conflict of interest, though I don't think anyone is impugning Ping specifically - Having to bring an early version of our product to a competitor for conformance testing - The lopsided "bragging rights" given to a vendor chosen for conformance testing responsibility Eve Andy Moir wrote: > Eve: > > Please clarify what specific advantages or disadvantages you are concerned > with so I can address them. > > Thanks. > > Andy > > Andy Moir > 412.213.0338 Work > 978.761.1648 Cell > E-Mail: andy.moir@oasis-open.org > > -----Original Message----- > From: Eve L. Maler [mailto:Eve.Maler@Sun.COM] > Sent: Monday, April 11, 2005 7:30 PM > To: Atul Tulshibagwale > Cc: security-services@lists.oasis-open.org; andy.moir@oasis-open.org > Subject: Re: [security-services] FW: Objection to Ping Identity Referral > Service Provider Proposal > > > These are valid points; can Andy respond and explain how a subset of > vendors won't be placed at advantage or disadvantage with the > current proposal? If this can't be done, I'd be concerned about the > whole exercise. > > (I copied Andy, who wasn't included explicitly on Atul's message.) > > Eve > > Atul Tulshibagwale wrote: > >>The formatting went crazy in the last email, so this is the 3^rd try. >>Sorry for the re-posts. >> >> >> >>---------------------------------------------------------------------- >>-- >> >>*From:* Atul Tulshibagwale [mailto:atul@trustgenix.com] >>*Sent:* Monday, April 11, 2005 1:34 PM >>*To:* 'security-services@lists.oasis-open.org' >>*Cc:* 'andy.moir@oasis-open.org' >>*Subject:* FW: Objection to Ping Identity Referral Service Provider >>Proposal >> >> >> >> >> >> >> >>---------------------------------------------------------------------- >>-- >> >>*From:* Atul Tulshibagwale [mailto:atul@trustgenix.com] >>*Sent:* Monday, April 11, 2005 1:17 PM >>*To:* 'andy.moir@oasis-open.org' >>*Subject:* Objection to Ping Identity Referral Service Provider >>Proposal >> >> >> >>To OASIS SSTC / Other TCs responsible for this. >> >> >> >>Andy, >> >> >> >>This email is to formally notify OASIS about objections from >>Trustgenix >>to Ping Identity's proposal for becoming a "Referral Service Provider" >>for SAML Testing. While we will not discuss the technical merits of the >>proposal in this email, Trustgenix strongly objects to having a vendor >>in this space be responsible for running the SAML conformance testing as >>there is are several obvious conflict of interest: >> >> 1. Ping Identity commercially markets the PingDeploy program and any >> feedback that the OASIS community provides to this program will >> enable Ping Identity to receive free intellectual property from >> the community. We as a competing vendor will not be able to >> provide such feedback and strengthen a product of our competitor. >> I'm sure there are other vendors who would also think the same and >> therefore would not be able to make this a good conformance >> specification >> 2. Ping Identity is a vendor in this space and would be inclined to >> make the conformance specification suitable to its implementation. >> Based on the objection in (a) above, it will not be in the >> interest of other vendors to point out the weaknesses in this >> specification >> 3. In running the service Ping Identity stands to gain intelligence >> about competitors products and intellectual property from its >> competitors. Trustgenix will not be able to participate in testing >> with Ping Identity for these reasons. >> >> >> >>Best regards, >> >>Atul >> >> >> > > -- Eve Maler eve.maler @ sun.com Sun Microsystems - Business Alliances x40976 / +1 425 947 4522
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]