Re: [security-services] Groups - sstc-saml-x509-authn-attrib-profile-draft-10-diff.pdf uploaded

["Tom Scavo" <trscavo@gmail.com>]

On 8/15/06, Scott Cantor <cantor.2@osu.edu> wrote:
> > But w.r.t. stability of drafts, my main concern is that AFAIK
> > this profile was originally submitted to support a particular
> > use case defined by certain US government agencies.
>
> Right, but I haven't heard from those constituencies lately. Is the draft
> still needed? Whose RFP needs were being addressed and do they still have
> them?
>
> > As interoperability with these already existing deployments is
> > likely to be a major driver of adoption of this profile, we
> > should take care not to break interop with the original
> > profile if at all possible.
>
> As originally conceived, there could be no existing deployments since it was
> being written while SAML 2.0 was being written. Have there been deployments
> since? If so, it's worth asking how well that went.

These questions are paramount.  If backwards compatibility with
previous drafts is a goal, many of my previous comments are irrelevant
and many of Ari's concerns are non-issues.  We need to answer this
question before spinning our wheels further.

Tom