
security-services message



Subject: RE: [security-services] Re: Attribute Sharing Profile for X.509 Authentication-Based Systems (Draft-12)


Yes, I will.
Thanks,
Ari


> -----Original Message-----
> From: Tom Scavo [mailto:trscavo@gmail.com]
> Sent: Thursday, March 29, 2007 12:32 PM
> To: Ari Kermaier
> Cc: Scott Cantor; OASIS SSTC
> Subject: Re: [security-services] Re: Attribute Sharing Profile for X.509 Authentication-Based Systems (Draft-12)
> 
> 
> Yes, nicely done.  Thanks, Scott.
> 
> Ari, will you use Scott's text to compile draft-13, then?
> 
> Cheers,
> Tom
> 
> On 3/29/07, Ari Kermaier <ari.kermaier@oracle.com> wrote:
> > That looks good to me -- Tom?
> > ::Ari
> >
> > > -----Original Message-----
> > > From: Scott Cantor [mailto:cantor.2@osu.edu]
> > > Sent: Wednesday, March 28, 2007 12:15 PM
> > > To: 'Tom Scavo'; 'OASIS SSTC'
> > > Subject: RE: [security-services] Re: Attribute Sharing Profile for X.509 Authentication-Based Systems (Draft-12)
> > >
> > >
> > > > I'm still not clear on how best to reword this.  Scott, would you mind
> > > > taking a crack at this?  Here's how it stands now:
> > > >
> > > > ---------------------
> > > > The service provider and identity provider MAY use metadata in support
> > > > of this deployment profile for locating endpoints, communicating key
> > > > information, and so on. If SAML V2.0 metadata is used, the
> > > > <md:AttributeAuthorityDescriptor> element defined by the SAML metadata
> > > > specification [SAMLMeta] and the query:AttributeQueryDescriptorType
> > > > complex type defined by the SAML metadata extension specification
> > > > [SAMLMeta-Ext] SHOULD be used with this deployment profile.
> > > > ---------------------
> > >
> > > Here's a suggested change:
> > >
> > > ---------------------
> > > The service provider and identity provider MAY use metadata in support of
> > > this deployment profile for locating endpoints, communicating key
> > > information, and so on. If SAML V2.0 metadata is used, the identity provider
> > > SHOULD use the <md:AttributeAuthorityDescriptor> element defined by the
> > > SAML metadata specification [SAMLMeta]. The server provider SHOULD use the
> > > query:AttributeQueryDescriptorType complex type defined by the SAML metadata
> > > extension specification [SAMLMeta-Ext], or it MAY use the
> > > <md:SPSSODescriptor> element defined by SAML metadata specification
> > > [SAMLMeta] if it also offers profile support consistent with that element.
> > > Other role types defined in future specifications MAY be used in conjunction
> > > with this profile, subject to agreement by the parties.
> > > ---------------------
> > >
> > > If you want to leave out the future proofing, let me know and I'll reword it
> > > stronger.
> > >
> > > -- Scott
> > >
> > >
> > >
> >
> >
>
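
An added example, not part of the original thread or of the profile draft: a Python check that an identity provider and a service provider declare the metadata roles named in the proposed wording, resolving `xsi:type` by namespace URI rather than by prefix. The entityIDs and the sample document are constructed, and the metadata is assumed to have been signature-verified before this runs.

```python
import io
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
QUERY = "urn:oasis:names:tc:SAML:metadata:ext:query"
XSI_TYPE = "{http://www.w3.org/2001/XMLSchema-instance}type"
AA, SP_SSO = f"{{{MD}}}AttributeAuthorityDescriptor", f"{{{MD}}}SPSSODescriptor"
ATTR_QUERY = f"{{{QUERY}}}AttributeQueryDescriptorType"
# Constructed sample; assumes the metadata signature was already verified.
SAMPLE = b"""<md:EntitiesDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <md:EntityDescriptor entityID="https://idp.example.org"><md:AttributeAuthorityDescriptor/></md:EntityDescriptor>
  <md:EntityDescriptor entityID="https://sp-sso.example.org"><md:SPSSODescriptor/></md:EntityDescriptor>
  <md:EntityDescriptor entityID="https://sp.example.org">
    <md:RoleDescriptor xmlns:q="urn:oasis:names:tc:SAML:metadata:ext:query"
        xsi:type="q:AttributeQueryDescriptorType"/>
  </md:EntityDescriptor>
  <md:EntityDescriptor entityID="https://sp-bad.example.org">
    <md:RoleDescriptor xmlns:query="urn:example:not-the-saml-extension"
        xsi:type="query:AttributeQueryDescriptorType"/>
  </md:EntityDescriptor>
</md:EntitiesDescriptor>"""

def declared_roles(metadata_xml):
    """Map entityID -> set of role names, resolving xsi:type QNames by namespace."""
    scopes, found, entity = [], {}, None
    events = ("start-ns", "end-ns", "start")
    for event, item in ET.iterparse(io.BytesIO(metadata_xml), events=events):
        if event == "start-ns":
            scopes.append(item)  # (prefix, uri) now in scope
        elif event == "end-ns":
            scopes.pop()
        elif item.tag == f"{{{MD}}}EntityDescriptor":
            entity = item.get("entityID")
            found[entity] = set()
        elif entity and item.tag == f"{{{MD}}}RoleDescriptor":
            prefix, _, local = item.get(XSI_TYPE, "").rpartition(":")
            uri = next((u for p, u in reversed(scopes) if p == prefix), None)
            found[entity].add(f"{{{uri}}}{local}")
        elif entity and item.tag in (AA, SP_SSO):
            found[entity].add(item.tag)
    return found

def check_profile(metadata_xml, idp_id, sp_id):
    """List deviations from the SHOULD/MAY role wording proposed in the thread."""
    found = declared_roles(metadata_xml)
    checks = [(idp_id, {AA}, "md:AttributeAuthorityDescriptor"),
              (sp_id, {ATTR_QUERY, SP_SSO}, "query:AttributeQueryDescriptorType or md:SPSSODescriptor")]
    return [f"{eid}: no {want}" for eid, ok, want in checks if not found.get(eid, set()) & ok]
```

The `sp-bad` entity uses the conventional `query:` prefix bound to a different namespace, so a string comparison on the attribute value would accept it while the namespace-aware check rejects it.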


