OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: Re: [saml-dev] SAML Interop 2002 at Burton Catalyst


Great response. I'll reply inline.


Hal Lockhart wrote:



Thanks for taking the initiative on this.

> Dear Fellow SAML Interop 2002 Participants,
> My name is Don Bowen and I am leading the SAML Interop
> coordination for Sun. I am working closely with our
> engineering team, which is building our first SAML-compliant
> product, now called Sun ONE Identity Server.

> I know Prateek Mishra from Netegrity has sent out a more
> formal proposal for the technical focus for the interop and I
> hope to see more responses to that proposal soon. At the same
> time I believe there is a need to start thinking about this
> event from a little higher level and to begin to map out a
> timetable and the details for how we will make this happen.

> If for some reason I have missed a prior effort by someone
> else on the list to initiate this same activity, my
> apologies. I am just getting a little concerned with time and
> having recently been a Burton Group employee, I know the
> level of professionalism attendees will expect (and I'm sure
> many of you do as well).

I am confident you didn't miss anything. ;-)

> I would like to schedule a conference call as soon as
> possible, possibly as early as next week, to discuss some of
> the following issues and others, which we can hopefully
> identity via email in the next few days.

Can Sun sponsor a conference bridge? Next Tuesday (4/23) at 12:00 EDT would be a good time as the regular SAML call has been canceled.

Yes, I should be able to set up a bridge for that time. I will need to know how many lines to reserve. Also, aren't you on standard time now? Or am I confused?
> Again, assuming the technical focus will be worked out
> separately, I wanted to highlight some of what I've been
> thinking about and then let others add, remove, clarify, etc.
> My apologies in advance for this format.

> What will we call this? Has this been decided already? You
> can see the subject line for my vote :-)

Seems reasonable to me. Perhaps a Marketing person would not find it very sexy. We should run it by Jim Kobielus. What have prior events of this sort been called?

OK, I will run it by Jim (who is lurking on this thread) and assume that if anyone else objects they will voice their opinion here and soon :-)

> How will we execute a dry-run?
> Will we meet somewhere centrally and bring our equipment,
> switches, cables, software, etc.?
> This is probably most efficient, but not cheap
> What location is the most effective?
> If we did it on the west coast, for example, could we have
> one or more vendors provide more of the hardware (one of us
> should be able to do that :-) Let me go on record as voting
> for this approach.

> We should probably book a hotel with conference room large
> enough to "work" in very soon.
> Would we try to do this over the internet and avoid the travel?
> At first thought this seemed more economical, but now seems
> likely to be:
> more expensive
> more time-consuming
> less helpful for what we have to execute at Catalyst

We still favor the Internet approach, perhaps each of us working to acheive interoperability with one other vendor at a time. If not, perhaps we could have an east coast and a west dry run. A number of us are here in the Boston area. Seems like it would be better to hold it in a lab at a company if possible for better access to power, phone lines, etc.

My only concern with the internet approach is that it may be slower. I like the idea of a dry run on each coast. Those that wanted to participate in both could. I also like the idea of holding it in a companies lab. I will look into whether our lab could be used on the west coast, but the rest of you should do the same.
As far as equipment, we need to distinguish between end systems, which I assume each vendor will provide and network equipment which could be as little as a couple of ethernet switches.
Would anyone want to volunteer to create a strawman of what they think the overall demo diagram might look like? We have 13 vendors participating. So, does that mean we want this to look like 13 separate "companies" each implementing a different product? I would assume that to be the case and that we will need firewall's, etc. However, do we really even need an internet connection to make this work? Clearly having one makes the demo more realistic to viewers, but technically it seems like a bell or whistle.

> How soon do we need to have the dry-run?
> Catalyst runs from July 15-17 (actually the
> registration/dinner is July 14th and not to be missed if you
> haven't attended before - this is my 6th one :-)
> Our "hospitality suite" where the demo will occur is Monday, July 15
> We will want time to regroup after the dry-run and "fix" things.
> Should we shoot for end of May? Middle of June? I'd prefer
> the former.

Mid June seems more realistic. However, if we do it over the net, the testing can stretch out for 6 weeks or more.

How would testing over the net occur?

Let me make a specific counter proposal:

Technical specifications to be agreed upon by May 15.

At least.

Bilateral testing to begin as soon as any two vendors are ready.

How many vendors would each have to test against to insure for themselves that they are "interoperable"? Does the transitive property of equality apply (if a=b and b=c, then a=c)? :-) I agree that testing should begin any time, but was worried also that individual testing might cause someone to feel left out. I guess I was thinking that size of organization would only matter in terms of being able to help out more (you can tell I'm fairly new to Sun :-)

[Optional] Regional dry runs at companies or hotel suite during June.

Everybody arrive in SF by July 8 for setup and interop testing in a hotel suite.

I actually like this idea of arriving early, though it makes for a long week. The only negative is that if you find any major issues that need to be dealt with, it might be difficult to do it away from "home" and in time for the real demo. I'll confess to being a half-empty kind of guy. What do the rest of you think?

Move the setup to the Catalyst site when available (7/13 or 7/14).

(It is easier for me to send a team to the west coast a few days early than to do two separate trips.)

I understand this. I was hoping to send a smaller team to the dry run. That may also be wishful thinking.

> At Catalyst
> We can have access to the suite for setup on Saturday. I am
> currently planning to arrive Friday night just in case I can
> be of any help and also to make sure that we are ready to
> begin the setup activity on Saturday morning. The suite will
> have internet hookup, but nothing else will be provided.
> We really need to be ready to go (imho) by Sunday afternoon,
> but I am hopeful that Saturday evening is a possibility. Much
> will depend on how well the dry-run goes and how much stays
> the same :-)

I think the best demo net is an isolated switch. That minimizes the extraneous variables. Internet access will be needed only for downloads.

Ah, didn't understand this at first, but I can now see I was just agreeing with you :D

> During the day, actually in the morning, on Monday, July 15
> we will be required to provide a briefing and demo for the press.
> During the evening on Monday, July 15 we will open the suite
> to Catalyst attendees for demos and briefing.

> Details for how the demos will be done is something we need
> to discus. We definitely need a vision here, followed by a
> well written script. This could be one of the most difficult
> issues to address and may be the most key.

Once we agree on the technical specifications, this should not be too hard.

Not hard maybe, but real important. I also think this is probably the biggest area where we will need to be on the "same team". Again, if someone wanted to start to create a strawman, based on their own experience with something similar, that would be great.

> On Tuesday during a general session, one of the SAML TC
> co-chairs, Jeff Hodges or Joe Pato, will provide a SAML
> report, including a "post mortem" on the previous day's activities.

I've asked Jeff if they know who is speaking and the decision has still not been made yet, not that it is pertinent to our effort.

> Marketing
> We will want to have some kind of marketing done on this
> prior to Catalyst. The sooner the better. I am not aware of
> any plans, but that doesn't mean there aren't any.
> I talked to Jim Kobielus at Burton, who is our interface and
> he will help. I actually think it is very important that they
> assist a lot here, but again, just my thoughts. I told him we
> should begin to "hype" this onsite at registration and during
> the dinner on Sunday.

I would hope they would "hype" it in advance of the show. Perhaps they could put something on the web page.

Yes, I'll talk with Jim about this as well. I think OASIS should also do some "hyping" on their web site.

> We will need to create collateral specifically for this
> event, but what? At a minimum we need:
> A printed handout that gives an overview of SAML (with links
> to more detail), shows who is participating and
> diagrams/describes exactly what is being demonstrated (order
> to be determined)
> Graphic visual-aids for the walls in the suite. This could
> include a banner, blow ups of the diagrams, etc.

> We need to agree on the size and format for the signage to be
> used by each company and should probably discuss how and
> where this is to be placed.
> What have similar Interop events done? Are they comparible?
> Can we leverage any of what they did? Should we avoid
> something they did? I've taken the liberty to ask Jim to
> research this and provide his thoughts.

I think each participating vendor should identify a marketing contact to work on this stuff in parallel to the technical work.

This is a good idea, but if one organization had a marketing person to put forth some well thought out ideas it might save a lot of effort? Anyone? I'll definitely talk to our people.

> If we can show that SAML is very real in products that will
> soon be shipping (or already are) AND have all vendors feel
> good about their participation, we will have been very successful.


> I am sure that all of you will be able to add to this list
> and maybe even point out why some of these issues aren't big (or
> are even bigger). Whatever the case, let's try to build a
> fairly succinct list of issues/discussion points. Then let's get on a
> conference call and try to make decisions on some and divide
> and conquer the rest. For those issues it becomes clear can't be
> solved on the phone or which require more investigation, we
> can assign an individual or individuals to develop a
> strawman, discuss via email and if necessary have another con call.

> This email is only my attempt to move us forward. If there is
> a better way or if somehow this is already going on and I'm
> just not aware, please point me in the right direction. Thanks.
> If you've been waiting for a fire to be lit under this
> effort, please consider this email the match :-)
> Don;

I don't see any way to deal with these issues other than attacking then one at a time.


Attachment: don.bowen.vcf
Description: Card for Don Bowen

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC