

Subject: Re: [security-conform] RE: Conformance Clause samples?


A few comments:

- I don't think we should get into describing the certification option 
until such time as someone signs up to actually do certification.  We're 
not committed to this ourselves, are we?

- I think we can't use "profile" for partition.  Partition is okay, but if 
the list of "things" you can be contains only authority types, maybe we 
should just call it that.

- On the subject of authority types, if a system "produces" SAML requests, 
does it have a name?  Does that name need to be listed as a "partition" 
option?  In other words, does producer/consumer only refer to assertions, 
or are requests and responses covered as well?

- Is an authorization authority the same thing as a PDP?

- We haven't normatively defined session authorities yet, have we?

- Why do the matrices actually have "y" filled out in them?  The 
conformance of a particular system would have a pattern of "y" and "n", right?

- What if you just use SAML assertions in a particular profile with some 
request/response protocol of your own devising, i.e. without using the SAML 
request/response structure?  Is this covered somehow in the matrices?  (Oh, 
wait.  Is this the same as Section 2 item #1?)

- Sections 1.1.2 and 1.1.3 are excellent stuff.  Note that many of the 
occurrences of "can" probably want to be "may".

- Regarding Section 2 item #3, I think the granularity should be at the 
partition level if we can manage it.

If I'm poking at the right kinds of things, I'd be happy to try to sketch 
some wording to match them.

         Eve

At 09:29 AM 10/28/01 -0500, Robert Griffin wrote:

>hi Jacques -
>
>i've attached the current SAML Conformance Clause (this is included in the 
>larger SAML Specification) and the Conformance Program Spec (which remains 
>a separate document). Both are incomplete (the Program Spec especially), 
>while we work towards nailing down the details of the SAML spec. But 
>they'll give you at least an idea of what we're driving toward.
>
>regards,
>
>bob
>
>
>-----Original Message-----
>From: jacques [mailto:jacques@savvion.com]
>Sent: Friday, October 26, 2001 9:49 PM
>To: Robert.Griffin@entrust.com
>Cc: jacques@savvion.com
>Subject: Conformance Clause samples?
>
>Hi Robert:
>
>Lynne R. forwarded me to you for getting some suggestions and samples of
>conformance clauses, as we are currently drafting conformance clauses for
>ebXML specs.
>I just would like to see the kind of wording and issues addressed in the
>conformance clauses of some other specs, how levels / profiles are defined,
>etc. (I already got some of this in the Security Service Markup Language
>spec. Any other document I could look at? I have the OASIS requirement
>guidelines too.)
>
>Thanks,
>
>Jacques Durand
>   Savvion,
>  Chair of the Conformance Clause working group
>   in the ebXML Interop., Implementation and Conformance (IIC) committee.
>
>

--
Eve Maler                                    +1 781 442 3190
Sun Microsystems XML Technology Center   eve.maler @ sun.com


