Subject: Last year's interop spec and final report
FYI...

Rob Philpott
Senior Consulting Engineer
RSA Security Inc.
Tel: 781-515-7115
Mobile: 617-510-0893
Fax: 781-515-7020
mailto:rphilpott@rsasecurity.com

> -----Original Message-----
> From: Andy Moir [mailto:andy.moir@oasis-open.org]
> Sent: Wednesday, January 05, 2005 1:20 PM
> To: sampo@symlabs.com
> Cc: samldemotech@lists.oasis-open.org;
> samldemoprimary@lists.oasis-open.org; Robert.ciochon@ca.com;
> 'Shin_Adachi'
> Subject: SAML Demo 1/5 Technical Meeting - Decide on Use Cases
>
> Weekly Technical Conference Calls
> 6 pm ET each Wednesday
> Dial-in: 781-515-2321
> Conference Password: 1208
> Dial-in and password are the same every week
>
>
> -----Original Message-----
> From: sampo@symlabs.com [mailto:sampo@symlabs.com]
> Sent: Wednesday, January 05, 2005 9:06 PM
> To: andy.moir@oasis-open.org
> Cc: samldemotech@lists.oasis-open.org;
> samldemoprimary@lists.oasis-open.org; Robert.ciochon@ca.com;
> 'Shin_Adachi'
> Subject: Re: SAML Demo 1/5 Technical Meeting - Decide on Use Cases
>
>
> Andy Moir writes:
> > During the 1/5 Technical Meeting we will need to finalize what use case
>
> I have not seen any mail announcing this conf call. What time? What
> number? What pin code?
>
> --Sampo
>
> > will be included in the SAML 2.0 InterOp Demo. Please plan to attend
> > and be prepared to determine which cases we should use so that we can
> > be sure that we have received input from a majority of participants.
> >
> > Included in this e-mail are:
> > 1) Notes from 12/29 Technical Call
> > 2) Notes from 12/22 Technical Call from Thomas Wisniewski at Entrust
> > 3) My Key Takeaways e-mail for the 12/22 meeting
> > 4) SAML 2 Features Ranking Excel Spreadsheet - Vendor rankings of
> >    which use cases they prefer to use
> >
> > Andy Moir
> > 412-213-0338 Work
> > 412-848-1545 Cell
> > andy.moir@oasis-open.org
> >
> > ======================================================================
> >
> > 1) 12/29 Meeting Notes
> > ----------------------
> > - Very limited attendance so we agreed that use cases would need to be
> >   finalized at 1/5 meeting.
> > - Dave Silver at Enspier expressed his concern that we have not yet
> >   nailed down which use cases we will be using in the demo. He and
> >   Terry will be looking for group to nail down final list during 1/5
> >   meeting so that they can help define scenarios for the InterOp
> > - Single Sign on and Single Logout have the highest rankings based on
> >   vendor responses (see attached spreadsheet). We discussed again having
> >   tiers of use cases.
> > - Tom volunteered to send his notes from 12/22 meeting since I had
> >   focused on key takeaways, while he had captured some of the discussion
> >   points that may help us nail down use cases during next meeting.
> > - We need to get someone to volunteer to take minutes at each meeting
> > - Dave Silver needs to get final confirmation that we can use the
> >   GSA E-Authentication Interop Lab for February 2-3 (and 4 if
> >   necessary). He should have final decision by 1/5 meeting.
> >
> >
> > 2) December 22 (last week) Meeting Notes courtesy of Thomas Wisniewski
> >    at Entrust
> > ----------------------------------------------------------------------
> > 1. For Soap calls (e.g., if Artifact Resolution is used ala
> >    Browser-Artifact, or for Attribute Queries), the security model that
> >    will be used is Basic Authentication with SSL (i.e., bullet 2 in
> >    SamlConform section 3.5).
> >    1a. We should decide on ids/pwds ahead of time.
> >
> > 2. SSO AuthnRequest and Response will be a core use case.
> >    2a. Either Post or Artifact will be used (only one).
> >    2b. The user will most likely be able to start at either the IDP,
> >        SP, or some other common site (to be discussed).
> >    2c. The ability to return attributes in the Response (similar to
> >        last year). This was mentioned but nothing agreed to.
> >    2d. The use of persistent name identifiers (seemed to be the common
> >        choice) based on the fact that this is one of the most interesting
> >        things in Saml 2.0 -- but nothing was agreed to. Persistent name
> >        identifiers includes ID Federation as part of the
> >        AuthnRequest/Response protocols.
> >    2e. The format for attributes would be ...:basic (and not uri) for
> >        simplicity purposes.
> >
> > 3. SLO Request and Response will be a core use case.
> >    3a. HTTP Redirect will be used (and not soap).
> >    3b. User can initiate from SP or IDP.
> >    3c. Either as a core use case or advanced use case, the IDP SLO may
> >        provide the user the list of SPs they are logged into and allow them
> >        to logout individually from each SP.
> >
> > 4. MNI new name and terminate will be an advanced use case
> >    4a. Need to decide on HTTP Redirect or SOAP.
> >    4b. User can initiate from SP or IDP.
> >
> > 5. Attribute Query will be an advanced use case.
> >    5a. Need to decide on which attributes should be supported. This
> >        includes the ability of changing the data at the IDP site, and then
> >        while still logged in at the SP site, being able to retrieve (do an
> >        attribute query to the IDP) and obtain the changed information. Some
> >        discussion was made of simple attributes that don't require an IDP
> >        change feature (e.g., a timer, a counter, clock, etc...) vs.
> >        specifying some trivial attributes like bank account balance, favorite
> >        color, etc...
> >    5b. The format for attributes would be ...:basic (and not uri) for
> >        simplicity purposes.
> >
> > 6. IDP Discovery will be an advanced use case.
> >
> > 7. At minimum, the CD version 3.0 specs and schemas would be used. A
> >    set of 3.0a versions was released this week that have some minor
> >    changes. Perhaps those should be the default ones used.
> >
> > 8. The Dry Run would possibly include a third day (Friday Feb 4) if
> >    this was deemed necessary during the interop.
> >
> > 9. Sampo K. from Symlabs offered to generate certificates for the
> >    conference. This is also necessary for the interop. NOTE: it would be
> >    ideal if the certs can be generated for the dry run ahead of time and
> >    that these same certs could be used at the interop.
> >
> > 10. We will not use encrypted identifiers, attributes, or assertions.
> >
> > ----------------------------------------------------------------------
> > 3) Following are the meeting notes I had sent out after last week's
> >    meeting:
> >
> > Following are key takeaways from our meeting on Wednesday, 12/22:
> >
> > 1) Technical Lead
> > - Bob Ciochon from Computer Associates has volunteered to be the
> >   technical lead for this event. Good news!!!
> >
> > 2) Technical Conference Calls
> > - The recurring Wednesday 6 pm ET conference calls will become Technical
> >   calls beginning with the next call on Wednesday, 12/29
> >
> > - Dial-in information remains the same as previously published
> >
> > 3) Marketing Conference Calls
> > - We need a proposed day of week and time for a recurring Marketing
> >   call. People on the marketing list can e-mail me with potential dates
> >   times as soon as possible with hope we can get one set up next week.
> >
> > - Brad Meehan from RSA is the Marketing Lead
> >
> > 4) InterOp Demo Dry-Run
> > - Tentatively scheduled for February 2-3 (Wed/TH) in Washington, DC
> > - Andy to follow-up with Enspier/GSA to confirm date/location, plus
> >   collect essential travel info (location address, hotels, etc.)
> >
> > 5) Scenarios for Demo
> > - Next technical call will have strong focus on determining Scenarios to
> >   use for Demo
> > - Will use the Scenario ranking spreadsheet as a starting point for
> >   discussions
> >
> > ....................................................................
> Sampo Kellomaki ---> Chief Architect ---> DirectoryScript
> M: +351-918.731.007 F: +351-213.422.185 W: www.symlabs.com Customize
> directories -> LDAP SOAP Liberty SIP -> Directory Extender
RSA2004-saml-interop-final.doc