RE: [security-services] Proposal made to WSFED TC involving SAML metadata

["Scott Cantor" <cantor.2@osu.edu>]

> Don Schmidt sent the message below to the WSFED TC last Friday; it's a
> proposal for referencing/profiling the SAML Entit[y|ies]Descriptor
metadata
> constructs for usage with WS-Federation.  I believe Scott Cantor has
> reviewed the proposal, and Emily Xu and I also had a look (perhaps others
on
> the SSTC have as well?).

Yes, I've seen a few iterations of it, and have discussed some of the
alternative schema formulations with Don. There are always multiple ways of
doing things, and I think the principal need from the SSTC (apart from vocal
support) is feedback as to how best to achieve WS-Federation goals while
also making life easy for existing implementations.

> Can we spend a few moments on the next SSTC call
> discussing ways to ensure that the SAML metadata spec is fully prepared
for
> this kind of referencing, and any related harmonization issues/comments?

My feedback to Don has been that there are some relatively minor errata to
SAML2Meta that would be useful to clarify the intent for reuse of some
existing constructs, some of which have already been reused by both official
and unofficial profiles, one of which is an OASIS standard [1].

Any objections that I could imagine, which are non-technical, have already
been trumped by our own past extension work.

-- Scott

[1] http://wiki.oasis-open.org/security/SstcSaml1xMetadata