RE: [ebxml-msg] FW: [security-services] Call for work item owners

["Dale Moberg" <dmoberg@cyclonecommerce.com>]

Both. 

The SAML TC had a task to say how to carry SAML assertions within ebMS.
So while doing that task for them we would prepare to do the second task
you mentioned. I think the second task would show suggested/recommended
ways to use SAML within ebMS to achieve authentication. 

I am not certain about the official procedures to do this. I plan to
join Matt and just ask Eve M. how she wants us to proceed. I thought we
would  just meet and then submit a draft to them for review and
discussion. The sample SOAP binding/profile document has detailed info
on how to produce the required specification. 

Are you interested in helping the SAML group with this task?

Thanks,
Dale



-----Original Message-----
From: Doug.Bunting@Sun.COM [mailto:Doug.Bunting@Sun.COM] 
Sent: Monday, August 18, 2003 4:34 PM
To: Dale Moberg
Cc: Matthew MacKenzie; ebxml-msg@lists.oasis-open.org
Subject: Re: [ebxml-msg] FW: [security-services] Call for work item
owners


Dale,

A clarification please: Does this work item relate to carrying SAML 
assertions and other messages from that protocol using the ebXML 
Messaging protocol?  This seems most appropriate for work within the 
SAML (Security Services) TC.  The alternative is expanding the vague 
reference to SAML as an authentication mechanism in our (ebXML Messaging

2.0) document.  Your added notes seem to lean in this direction.

thanx,
	doug

On 12-Aug-03 10:14, Dale Moberg wrote:

> OK Matt!
> 
> I will wait a couple more days, and then send off our offer to SAML to
> help with it or just-do-it. I assume we can begin by seeing whether we

> can follow the basic SOAP binding fairly closely. Here is a URL for 
> you and Jeff for that one. [I will send it later. Can't get to OASIS 
> web site again...]
> 
> We also need to consider what the going-forward plan for ebMS 2.x and
> 3.x should/could be, and make sure that what we propose fits. I think 
> we can just let SAML assertions be in their own soap:header 
> block/module, and not worry about embedding it somehow in the ebXML 
> header block. At least that is my working assumption--let me know if 
> you have a different view.
> 
> 
> Dale
> 
> 
> 
> 
> -----Original Message-----
> From: Matthew MacKenzie [mailto:matt@yellowdragonsoft.com]
> Sent: Tuesday, August 12, 2003 3:04 AM
> To: Dale Moberg
> Cc: ebxml-msg@lists.oasis-open.org; eve.maler@sun.com
> Subject: Re: [ebxml-msg] FW: [security-services] Call for work item 
> owners
> 
> 
> I'm in.
> 
> Matthew MacKenzie
> 
> Dale Moberg wrote:
> 
> 
>>Hi,
>>
>>Jeff T. and I are willing to work on W-20 itemized below by the SAML 
>>group. Does anyone else want to help? We can send a msg to Eve Maler 
>>saying we are volunteering. Clearly the more known about both SAML and

>>ebXML Messaging the better!
>>
>>Dale
>>
>>-----Original Message-----
>>From: Eve L. Maler [mailto:eve.maler@sun.com]
>>Sent: Monday, August 11, 2003 10:50 AM
>>To: security-services@lists.oasis-open.org
>>Subject: [security-services] Call for work item owners
>>Importance: Low
>>
>>
>>I have attached the next draft of the scope/work items document 
>>(because
>>
>>I can't get to the members-only SAML home page to upload it) -- thanks
>>to Scott for reorienting it and fleshing it out some more.  I've 
>>numbered all the candidate work items, even though the order and 
>>grouping may not be perfect.  Please take a look and sign yourself up
> 
> as
> 
>>an "owner" of unassigned items that interest you; a few already have
>>owners:
>>
>>W-1  Session Support
>>W-2  Identity Federation
>>W-3  Metadata and Exchange Protocol (Jahan?)
>>W-4  Protocol Enhancements
>>W-5  SSO Profile Enhancements
>>W-6  Proxied SSO
>>W-7  Introduction Protocol
>>W-8  Authentication Context
>>W-9  XML Encryption
>>W-10 Back Office Profiles
>>W-11 Mid-Tier Usage
>>W-12 Attribute Retrieval Enhancement
>>W-13 Hierarchical Privilege Delegation ](Krishna has suggested
>>W-14 SAML Server Trust                 ] combining these --
>>W-15 Delegation and Intermediaries     ] sign up for them together?)
>>W-16 Multi-Participant Transactional Workflows (Scott, RLBob, Jeff)
>>W-17 Credentials Collector and Assertions (Tim, Jeff) W-18 SASL 
>>Support W-19 HTTP Binding (Scott)
>>W-20 ebMS Binding 
>>W-21 Baseline Attribute Namespace (Scott, RLBob) 
>>W-22 Assertion Caching 
>>W-23 Security Workflow 
>>W-24 Privacy and Anonymity 
>>W-25 Kerberos Support (John Hughes) 
>>W-26 Dependency Audit (Prateek) 
>>W-27 Security Analysis Enhancements 
>>W-28 XACML-Proposed Changes
>>
>>Here's what is expected of work item owners:
>>
>>========
>>We intend to take a use-case-based approach for each new area of
>>functionality. The owner(s) for each candidate work item will be 
>>expected to make a proposal containing at least one use case and 
>>definitions of any new terms.  On acceptance of a use case, the
> 
> owner(s)
> 
>>will be expected to make a proposal for SAML technology that solves
>>the use case.  In the work item table below, the following status 
>>values
> 
> are
> 
>>applied:
>>O Candidate work item
>>	o	Unassigned
>>	o	Waiting for use case proposal
>>	o	Considering use case proposal
>>	o	Rejected
>>O Active work item (if a candidate work item was accepted)
>>	o	Waiting for solution proposal
>>	o	Considering solution proposal
>>	o	Solution incorporated
>>O Request for enhancement (presumes that the request came as the
>>result of a real use case)
>>	o	Waiting for proposal
>>	o	Considering proposal
>>	o	Disposition made (can be accepted, accepted with
>>modifications, or
>>rejected; we also need to communicate the disposition back to the
>>requester) ========
>>
>>Okay folks, go for it!  We don't have to assign owners to everything;
>>whatever doesn't attract an owner probably isn't worth working on.  
>>But
> 
> 
>>if we get owners assigned to the interesting stuff by the next
>>telecon,
> 
> 
>>we'll be making good progress.
>>
>>Oh, and yell if we've missed any obvious work items.
>>
>>	Eve
>> 
>>
>>----------------------------------------------------------------------
>>-
>>-
>>
>>You may leave a Technical Committee at any time by visiting 
>>http://www.oasis-open.org/apps/org/workgroup/ebxml-msg/members/leave_w
>>o
>>rkgroup.php

-- 
SunNetwork 2003 Conference and Pavilion
"An unparalleled event in network computing! Make the net work for you!"

WHEN:  September 16-18, 2003
WHERE: Moscone Center, San Francisco

For more information or to register for the conference, please visit:
http://www.sun.com/sunnetwork