[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Proposed Interop for ws-sx examples document
To: WS-SX TC members: Based on action item from the 7/23 ws-sx minutes: http://lists.oasis-open.org/archives/ws-sx/200807/msg00035.html We are planning (proposing) to have a virtual interop during the week of Sep 22-26 for the ws-sx examples document. http://www.oasis-open.org/committees/document.php?document_id=28909&wg_abbrev=ws-sx Below is a tidied up copy of the full table of contents. From that list the following have been selected as the initial candidates for this Interop. These are subject to revision at the agreement of the participating parties. It is expected that if this first Interop goes well then there will be subsequent Interops to test additional scenarios. (Possibly this effort can lead to an eventual participation in a generally available Interop test network with a focus on security.) The intent is to pick scenarios that vendors support and are interested in promoting for customer use. We will also consider adding new scenarios not included in the doc if there is significant interest in that. Similarly, the existing examples can be molded to meet current practice if discrepancies are found. The "flavor" of these scenarios is primarily straight WS-Security with WS-SP policies applied. However, there is one scenario that includes WS-Trust (2.3.2.5 (the ws-sx interop scenario) and one with WS-SecureConversation (2.4.1). 2.1.1.3 UsernameToken with timestamp, nonce and password hash 15 2.1.3.1 (WSS 1.0) Encrypted UsernameToken with X.509v3 23 2.1.4 (WSS 1.1), User Name with Certificates, Sign, Encrypt 27 2.2.2.1 (WSS1.0) Mutual Auth, X.509 Certs, Symmetric Encrypt 38 2.2.4 (WSS1.1) Mutual Auth with X.509 Cert, Sign, Encrypt 46 2.3.2.4 (WSS1.1) SAML1.1/2.0 SV w X.509 Cert, Sign, Encr 83 2.3.2.5 (WSS1.1) SAML1.1/2.0 HK, Sign, Encrypt (Needs STS) 89 2.4.1 (WSS 1.0) Sec Conv bootstrap by Mut Auth w X.509 Certs 114 The selections were loosely based on the level of interest shown during the TC by various contributors. They also represent a good cross-section of the capabilities and include some of the more difficult examples. As indicated above, it is intended that the participants agree on the scenarios selected, so the initial task will be to agree on the objectives. If at least 2 participants are willing to do an example then it should be included. Please send an email to me directly to indicate interest and copy anyone else in the TC (or the whole TC) if you want others to know of your initial interest (i.e. willing to listen to tentative conditional interest levels as well, since the initial purpose of this email is to gauge the interest to try to establish critical mass - date will be flexible if there is interest in a "better" date). Suggestions are welcome. Thanks, Rich 2 Scenarios 13 2.1 UsernameToken 13 2.1.1 UsernameToken – no security binding 13 2.1.1.1 UsernameToken with plain text password 13 2.1.1.2 UsernameToken without password 14 2.1.1.3 UsernameToken with timestamp, nonce and password hash 15 2.1.2 Use of SSL Transport Binding 16 2.1.2.1 UsernameToken as supporting token 17 2.1.3 (WSS 1.0) UsernameTok w Mut X.509v3 Auth, Sign, Encrypt 19 2.1.3.1 (WSS 1.0) Encrypted UsernameToken with X.509v3 23 2.1.4 (WSS 1.1), User Name with Certificates, Sign, Encrypt 27 2.2 X.509 Token Authentication Scenario Assertions 31 2.2.1 (WSS1.0) X.509 Certificates, Sign, Encrypt 31 2.2.2 (WSS1.0) Mutual Auth with X.509 Certs, Sign, Encrypt 34 2.2.2.1 (WSS1.0) Mutual Auth, X.509 Certs, Symmetric Encrypt 38 2.2.3 (WSS1.1) Anonymous with X.509 Cert, Sign, Encrypt 42 2.2.4 (WSS1.1) Mutual Auth with X.509 Cert, Sign, Encrypt 46 2.3 SAML Token Authentication Scenario Assertions 52 2.3.1 WSS 1.0 SAML Token Scenarios 54 2.3.1.1 (WSS1.0) SAML1.1 Assertion (Bearer) 54 2.3.1.2 (WSS1.0) SAML1.1 Assertion (Sender Vouches (SV)) on SSL 56 2.3.1.3 (WSS1.0) SAML1.1 Assertion (Holder of key (HK)) on SSL 59 2.3.1.4 (WSS1.0) SAML1.1 (SV) w X.509 Cert, Sign, Option Encr 60 2.3.1.5 (WSS1.0) SAML1.1 Holder of Key, Sign, Optional Encrypt 66 2.3.2 WSS 1.1 SAML Token Scenarios 72 2.3.2.1 (WSS1.1) SAML 2.0 Bearer 72 2.3.2.2 (WSS1.1) SAML2.0 Sender Vouches over SSL 76 2.3.2.3 (WSS1.1) SAML2.0 HoK over SSL 78 2.3.2.4 (WSS1.1) SAML1.1/2.0 SV w X.509 Cert, Sign, Encr 83 2.3.2.5 (WSS1.1) SAML1.1/2.0 HK, Sign, Encrypt 89 2.4 Secure Conversation Scenarios 114 2.4.1 (WSS 1.0) Sec Conv bootstrap by Mut Auth w X.509 Certs 114 |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]