RE: [ebxml-msg] FW: [security-services] Call for work item owners

["Dale Moberg" <dmoberg@cyclonecommerce.com>]

OK Matt!

I will wait a couple more days, and then send off our offer to SAML to
help with it or just-do-it.
I assume we can begin by seeing whether we can follow the basic SOAP
binding fairly closely. Here is a URL for you and Jeff for that one. [I
will send it later. Can't get to OASIS web site again...]

We also need to consider what the going-forward plan for ebMS 2.x and
3.x should/could be, and make sure that what we propose fits. I think we
can just let SAML assertions be in their own soap:header block/module,
and not worry about embedding it somehow in the ebXML header block. At
least that is my working assumption--let me know if you have a different
view.


Dale




-----Original Message-----
From: Matthew MacKenzie [mailto:matt@yellowdragonsoft.com] 
Sent: Tuesday, August 12, 2003 3:04 AM
To: Dale Moberg
Cc: ebxml-msg@lists.oasis-open.org; eve.maler@sun.com
Subject: Re: [ebxml-msg] FW: [security-services] Call for work item
owners


I'm in.

Matthew MacKenzie

Dale Moberg wrote:

>Hi,
>
>Jeff T. and I are willing to work on W-20 itemized below by the SAML 
>group. Does anyone else want to help? We can send a msg to Eve Maler 
>saying we are volunteering. Clearly the more known about both SAML and
>ebXML Messaging the better!
>
>Dale
>
>-----Original Message-----
>From: Eve L. Maler [mailto:eve.maler@sun.com]
>Sent: Monday, August 11, 2003 10:50 AM
>To: security-services@lists.oasis-open.org
>Subject: [security-services] Call for work item owners
>Importance: Low
>
>
>I have attached the next draft of the scope/work items document 
>(because
>
>I can't get to the members-only SAML home page to upload it) -- thanks
>to Scott for reorienting it and fleshing it out some more.  I've 
>numbered all the candidate work items, even though the order and 
>grouping may not be perfect.  Please take a look and sign yourself up
as
>
>an "owner" of unassigned items that interest you; a few already have
>owners:
>
>W-1  Session Support
>W-2  Identity Federation
>W-3  Metadata and Exchange Protocol (Jahan?)
>W-4  Protocol Enhancements
>W-5  SSO Profile Enhancements
>W-6  Proxied SSO
>W-7  Introduction Protocol
>W-8  Authentication Context
>W-9  XML Encryption
>W-10 Back Office Profiles
>W-11 Mid-Tier Usage
>W-12 Attribute Retrieval Enhancement
>W-13 Hierarchical Privilege Delegation ](Krishna has suggested
>W-14 SAML Server Trust                 ] combining these --
>W-15 Delegation and Intermediaries     ] sign up for them together?)
>W-16 Multi-Participant Transactional Workflows (Scott, RLBob, Jeff)
>W-17 Credentials Collector and Assertions (Tim, Jeff) 
>W-18 SASL Support 
>W-19 HTTP Binding (Scott) 
>W-20 ebMS Binding 
>W-21 Baseline Attribute Namespace (Scott, RLBob) 
>W-22 Assertion Caching 
>W-23 Security Workflow 
>W-24 Privacy and Anonymity 
>W-25 Kerberos Support (John Hughes) 
>W-26 Dependency Audit (Prateek) 
>W-27 Security Analysis Enhancements 
>W-28 XACML-Proposed Changes
>
>Here's what is expected of work item owners:
>
>========
>We intend to take a use-case-based approach for each new area of
>functionality. The owner(s) for each candidate work item will be 
>expected to make a proposal containing at least one use case and 
>definitions of any new terms.  On acceptance of a use case, the
owner(s)
>
>will be expected to make a proposal for SAML technology that solves the
>use case.  In the work item table below, the following status values
are
>
>applied:
>O Candidate work item
>	o	Unassigned
>	o	Waiting for use case proposal
>	o	Considering use case proposal
>	o	Rejected
>O Active work item (if a candidate work item was accepted)
>	o	Waiting for solution proposal
>	o	Considering solution proposal
>	o	Solution incorporated
>O Request for enhancement (presumes that the request came as the result
>of a real use case)
>	o	Waiting for proposal
>	o	Considering proposal
>	o	Disposition made (can be accepted, accepted with
>modifications, or 
>rejected; we also need to communicate the disposition back to the
>requester) ========
>
>Okay folks, go for it!  We don't have to assign owners to everything;
>whatever doesn't attract an owner probably isn't worth working on.  But

>if we get owners assigned to the interesting stuff by the next telecon,

>we'll be making good progress.
>
>Oh, and yell if we've missed any obvious work items.
>
>	Eve
>  
>
>-----------------------------------------------------------------------
>-
>
>You may leave a Technical Committee at any time by visiting 
>http://www.oasis-open.org/apps/org/workgroup/ebxml-msg/members/leave_wo
>rkgroup.php
>

-- 
Matthew MacKenzie
Yellow Dragon Software Corporation http://www.yellowdragonsoft.com/
m: +1 506.869.0175