[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: W3C WG vs SAML ?? Fwd: [security-services] Official statement to W3C WG about impact on SAML?
> Chet's out for a few days on holiday. Scott C, it seems to me that we could offer > a comment. Better if it has the general assent of this TC. My presumption was we'd make it a TC statement. If it were possible to get a statement from OASIS, that would likely carry more weight, but would be necessarily more political and have to be carefully addressed obviously. > Is there a pointer to the compromise proposal? A version of it is here [1], but I don't know exactly what's been presented to the WG at this point, it's been difficult to get any traction on the idea that a different approach is necessary. I wouldn't want to get into the weeds of specific proposals in the statement anyway. What I think would be useful is just somethiing to the effect that requiring any changes to deployed software for SAML would be very challenging to all sorts of communities if it weren't phased on over many (probably 5+) years. I also have toyed with the idea of stating outright that nobody in the SAML world cares a bit if they block third party cookies, which is the only absolutely firm decision that they really have made. > Also, as a minor point, SAML is an OASIS and ITU-T standard (Rec X.1141), not > ISO. Meant ITU, apologies (though I think I thought ITU implied ISO, but either way). Thx, -- Scott [1] https://docs.google.com/document/d/1UWuw9_9EAnwtsct9fK6j7BN_ybcMSs2p0ooxb-U9O1s
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]