OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

samldemotech message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: SAML Demo 1/5 Technical Meeting - Decide on Use Cases

During the 1/5 Technical Meeting we will need to finalize what use cases
will be included in the SAML 2.0 InterOp Demo.  Please plan to attend
and be prepared to determine which cases we should use so that we can be
sure that we have received input from a majority of participants.

Included in this e-mail are:
1) Notes from 12/29 Technical Call
2) Notes from 12/22 Technical Call from Thomas Wisniewski at Entrust
3) My Key Takeaways e-mail for the 12/22 meeting
4) SAML 2 Features Ranking Excel Spreadsheet - Vendor rankings of which
use cases they prefer to use

Andy Moir
412-213-0338 Work
412-848-1545 Cell

1) 12/29 Meeting Notes
- Very limited attendance so we agreed that use cases would need to be
finalized at 1/5 meeting.
- Dave Silver at Enspier expressed his concern that we have not yet
nailed down which use cases we will be using in the demo.  He and Terry
will be looking for group to nail down final list during 1/5 meeting so
that they can help define scenarios for the InterOp
- Single Sign on and Single Logout have the highest rankings based on
vendor responses (see attached spreadsheet). We discussed again having
tiers of use cases.
- Tom volunteered to send his notes from 12/22 meeting since I had
focused on key takeaways, while he had captured some of the discussion
points that may help us nail down use cases during next meeting.
- We need to get someone to volunteer to take minutes at each meeting
- Dave Silver is needs to get final confirmation that we can use the GSA
E-Authentication Interop Lab for February 2-3 (and 4 if necessary).  He
should have final decision by 1/5 meeting.

2) December 22 (last week) Meeting Notes courtesy of Thomas Wisniewski
at Entrust
1. For Soap calls (e.g., if Artifact Resolution is used ala
Browser-Artifact, or for Attribute Queries), the security model that
will be used is Basic Authentication with SSL (i.e., bullet 2 in
SamlConform section 3.5).
   1a. We should decide on ids/pwds ahead of time.
2. SSO AuthnRequest and Response will be a core use case.
   2a. Either Post or Artifact will be used (only one).
   2b. The user will most likely be able to start at either the IDP, SP,
or some other common site (to be discussed).
   2c. The ability to return attributes in the Response (similar to last
year). This was mentioned but nothing agree to.
   2d. The use of persistent name identifiers (seemed to be the common
choice) based on the fact that this is one of the most interesting
things in Saml 2.0 -- but nothing was agreed to. Persistent name
identifiers includes ID Federation as part of the AuthnRequest/Response
   2e. The format for attributes would be ...:basic (and not uri) for
simplicity purposes. 
3. SLO Request and Response will be a core use case.
   3a. HTTP Redirect will be used (and not soap).
   3b. User can initiate from SP or IDP.
   3c. Either as a core use case or advanced use case, the IDP SLO may
provide the user the list of SPs they are logged into and allow them to
logout individually from each SP.
4. MNI new name and terminate will be an advanced use case
   4a. Need to decide on HTTP Redirect or SOAP.
   4b. User can initiate from SP or IDP.
5. Attribute Query will be an advanced use case.
   5a. Need to decide on which attributes should be supported. This
includes the ability of changing the data at the IDP site, and then
while still logged in at the SP site, being able to retrieve (do an
attribute query to the IDP) and obtain the changed information.   Some
discussion was made of simple attributes that don't require an IDP
change feature (e.g., a timer, a counter, clock, etc...) vs. specifying
some trivial attributes like bank account balance, favorite color,
   5b. The format for attributes would be ...:basic (and not uri) for
simplicity purposes. 
6. IDP Discovery will be an advanced use case.
7. At minimal , the CD version 3.0 specs and schemas would be used. A
set of 3.0a versions was released this week that have some minor
changes. Perhaps those should be the default ones used.
8. The Dry Run would possibly include a third day (Friday Feb 4) if this
was deemed necessary during the interop.
9. Sampo K. from Symlabs offered to generate certificates for the
conference. This is also necessary for the interop. NOTE: it would be
ideal if the certs can be generated for the dry run ahead of time and
that these same certs could be used at the interop.
10. We will not use encrypted identifiers, attributes, or assertions.

3) Following are the meeting notes I had sent out after last week's

Following are key takeaways from our meetng on Wednesday, 12/22: 

1) Techncal Lead 
-Bob Ciochon from Computer Associates has volunteered to be the
technical lead for this event. Good news!!! 

2) Technical Conference Calls 
- The recurring Wednesday 6 pm ET conference calls will become Technical
calls beginning with the next call on Wednesday, 12/29

- Dial-in information remains the same as previously published 

3) Marketing Conference Calls 
- We need a proposed day of week and time for a recurring Marketing
call.  People on the marketing list can e-mail me with potential dates
times as soon as possible with hope we can get one set up next week.

- Brad Meehan from RSA is the Marketing Lead 

4) InterOp Demo Dry-Run 
- Tentatively scheduled for February 2-3 (Wed/TH) in Washington, DC 
- Andy to follow-up with Enspier/GSA to confirm date/location, plus
collect essential travel info (location address, hotels, etc.)

5) Scenarios for Demo 
- Next technical call will have strong focus on determining Scenarios to
use for Demo 
- Will use the Scenario ranking spreadsheet as a starting point for

SAML2 Features Ranking for InterOp Demo at RSA (vendor responses).xls

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]