OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: SAML interop decision checklist


We all know SAML compliance != interoperability.  Two SSO products could be
"SAML compliant" yet be totally unable to support intersite transfer of a
user from one to the other.  This is because SAML is a framework that leaves
many decisions to the implementer.

Based on all the interop activity, did anyone capture a checklist or
guidelines for the key decisions / agreements that must be made by the
participating parties in order to interoperate under the browser profile?

I'm talking about decisions like:
1. Digital signing - how much (if at all)? which elements?
2. Mutual SSL
3. Recognized CA & revocation check process for certs
4. SAML source ID convention
5. Schema validation
6. SAML extensions
7. User naming conventions
8. Logoff coordination
9. Redirect URLs for certain events

etc. etc.  A checklist or simple Interop Cookbook would be really valuable.


Michael McCormick
System Architect
Wells Fargo Services Company
Enterprise Architecture
100 Washington Avenue South, Suite 606
MAC N9327-060
Minneapolis MN 55479
> *  612-667-9227 (voice)
> *  612-590-1437 (cell)
* 612-621-1318 (pager)
> *   612-667-7642 (fax)
> *  mailto://michael.mccormick@wellsfargo.com
> *  m.mccormick@acm.org
"THESE OPINIONS ARE STRICTLY MY OWN AND NOT NECESSARILY THOSE OF WELLS
FARGO"



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]