[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [security-jc] Security Forum program semi-final program
I would argue that SPML is very Web Services Security relevant. We all understand that federated identity and access control are required. SPML is intended to provide the vehicle for "provisioning" the identity and policy entries that these models rely upon. Although not well evangelized, SPML is also very appropriate technology upon which self-service and general subscription management services could be expresses and executed. That said I fully understand the constraints here. If the boat has sailed, all I can do it wave at it :-} -------------------------------------------------------- Darran Rolls http://www.waveset.com Waveset Technologies Inc drolls@waveset.com (512) 657 8360 -------------------------------------------------------- > -----Original Message----- > From: Karl F. Best [mailto:karl.best@oasis-open.org] > Sent: Friday, July 19, 2002 2:09 PM > To: security-jc@lists.oasis-open.org > Subject: RE: [security-jc] Security Forum program semi-final program > > The forum is on "security standards for web services", which is > different than Web Services Security (or WS-S). A generic though > somewhat focused topic vs. a specific specification. > > </karl> > ================================================================= > Karl F. Best > OASIS - Director, Technical Operations > +1 978.667.5115 x206 > karl.best@oasis-open.org http://www.oasis-open.org > > > > -----Original Message----- > > From: Darran Rolls [mailto:Darran.Rolls@waveset.com] > > Sent: Friday, July 19, 2002 10:55 AM > > To: Karl F. Best; security-jc@lists.oasis-open.org > > Subject: RE: [security-jc] Security Forum program semi-final program > > > > > > What do I conclude from this? It sounds like your saying > > we should be > > including all standards not just WSS - right? > > > > -------------------------------------------------------- > > Darran Rolls http://www.waveset.com > > Waveset Technologies Inc drolls@waveset.com > > (512) 657 8360 > > -------------------------------------------------------- > > > > > > > -----Original Message----- > > > From: Karl F. Best [mailto:karl.best@oasis-open.org] > > > Sent: Friday, July 19, 2002 9:51 AM > > > To: security-jc@lists.oasis-open.org > > > Cc: Karl > > > Subject: RE: [security-jc] Security Forum program > > semi-final program > > > > > > Everyone should please understand that 1) the focus of > > the program is > > > on security standards for web services (note tha name of > > the program); > > > 2) the politics of working together with W3C are tricky; > > 3) having to > > > put together this program on *very* short notice is a lot > > of fun; 4) > > > there are time constraints with having a one-day program. > > There's a > > > lot of challenges and an awful lot of different parties > > to keep happy > > > on this. > > > > > > (Thanks for your responses, Hal.) > > > > > > </karl> > > > ================================================================= > > > Karl F. Best > > > OASIS - Director, Technical Operations > > > +1 978.667.5115 x206 > > > karl.best@oasis-open.org http://www.oasis-open.org > > > > > > -----Original Message----- > > > From: Darran Rolls [mailto:Darran.Rolls@waveset.com] > > > Sent: Friday, July 19, 2002 10:09 AM > > > To: Hal Lockhart; Karl F. Best; security-jc@lists.oasis-open.org > > > Subject: RE: [security-jc] Security Forum program > > semi-final program > > > > > > > > > It does make sense if the focus is on explaining > > WS-Security only. My > > > understanding was the program addressed security > > standards initiatives > > > within OASIS and W3C, how they fit together and > > inter-relate. If the > > > focus has shifted to one of explaining these > > relationships relative to > > > WS-Security alone, I agree with the analysis. > > > > > > I know this is effort has a short window. I also > > understand that we > > > can't do everything in a single day. I do however feel rather > > > strongly that if this event represents a discussion model for > > > "security standards", it should at least include a > > complete list of > > > those standards with a short description or each (if > > nothing else). > > > > > > As a secondary assessment from this decision, should the > > SJC consider > > > directing all OASIS security initiatives to explain > > their relevance > > > to and relationship with WS-Security (not incidentally a > > bad thing)? > > > > > > -------------------------------------------------------- > > > Darran Rolls http://www.waveset.com > > > Waveset Technologies Inc drolls@waveset.com > > > (512) 657 8360 > > > -------------------------------------------------------- > > > > > > -----Original Message----- > > > From: Hal Lockhart [mailto:hal.lockhart@entegrity.com] > > > Sent: Friday, July 19, 2002 8:32 AM > > > To: Darran Rolls; Karl F. Best; tab; > > security-jc@lists.oasis-open.org > > > Subject: RE: [security-jc] Security Forum program > > semi-final program > > > > > > Since the focus was on WS-Security specifically and the > > time on the > > > program, I suggested that we not address SPML. I think it > > is unlikely > > > that WS-Security will deal with provisioning in the near term. > > > Hal > > > > -----Original Message----- > > > > From: Darran Rolls [mailto:Darran.Rolls@waveset.com] > > > > Sent: Thursday, July 18, 2002 4:10 PM > > > > To: Karl F. Best; tab; security-jc@lists.oasis-open.org > > > > Subject: RE: [security-jc] Security Forum program > > semi-final program > > > > > > > > > > > > Karl > > > > > > > > Is there a reason why SPML is not on the security standards > > > overview? > > > > Does the forum panel not consider life-cycle management of the > > > > underlying identity important to the proposed security stack? > > > > > > > > -------------------------------------------------------- > > > > Darran Rolls http://www.waveset.com > > > > Waveset Technologies Inc drolls@waveset.com > > > > (512) 657 8360 > > > > -------------------------------------------------------- > > > > > > > > > > > > > -----Original Message----- > > > > > From: Karl F. Best [mailto:karl.best@oasis-open.org] > > > > > Sent: Thursday, July 18, 2002 11:07 AM > > > > > To: tab; security-jc@lists.oasis-open.org > > > > > Subject: [security-jc] Security Forum program > > semi-final program > > > > > > > > > > FYI - the forum program. Speaker names to be filled > > in as they are > > > > > confirmed. This should be posted on the web (OASIS and/or > > > conference > > > > > web site) by tomorrow. Press releases etc. on the way. > > > > > > > > > > </karl> > > > > > > > ================================================================= > > > > > Karl F. Best > > > > > OASIS - Director, Technical Operations > > > > > +1 978.667.5115 x206 > > > > > karl.best@oasis-open.org http://www.oasis-open.org > > > > > > > > > > > > > > > > > > > > Forum on Security Standards for Web Services > > > > > -------------------------------------------- > > > > > [insert abstract here] > > > > > > > > > > program chairs: Karl Best, OASIS; and Janet Daly, W3C > > > > > > > > > > 9:00-9:30 Welcome by program chairs and by OASIS and W3C > > > management > > > > > > > > > > 9:30-10:15 Technical plenary. Why are security standards > > > > necessary for > > > > > web services. How do the pieces fit together? > > > > > Phillip Hallam-Baker, Verisign > > > > > > > > > > 10:15-10:30 break > > > > > > > > > > 10:30-12:30 Use cases and requirements. Presentations > > from various > > > > > industries who use security standards for web services. > > > > > Speakers TBA. > > > > > > > > > > 12:30-1:30 lunch > > > > > > > > > > 1:30-3:30 Overview of the security standards. > > > > > > > > > > - XML Digital Signature, XML Encrytion: Joseph Reagle, W3C > > > > > - WS Security: speaker TBD > > > > > - SAML: speaker TBD > > > > > - IETF SSL, BEEP, FASL, Kerberos: speaker TBD > > > > > - XKMS: Philip Hallam-Baker, Verisign > > > > > - XACML, Rights Language: Hal Lockhart, Entegrity > > > > > > > > > > 3:30-3:45 break > > > > > > > > > > 3:45-4:30 Expert panel. A response to the use > > cases/requirements > > > and > > > > > the specifications. Do they match? What's missing? > > > > > > > > > > chair and speakers TBD > > > > > > > > > > 4:30-5:00 Audience reaction/feedback > > > > > > > > > > 5:00-5:30 Wrapup by panel and closing statements from > > conference > > > > > sponsors. > > > > > > > > > > > > > > > > > > > > > > ---------------------------------------------------------------- > > > > > To subscribe or unsubscribe from this elist use the > > subscription > > > > > manager: <http://lists.oasis-open.org/ob/adm.pl> > > > > > > > > ---------------------------------------------------------------- > > > > To subscribe or unsubscribe from this elist use the subscription > > > > manager: <http://lists.oasis-open.org/ob/adm.pl> > > > > > > > > > > > > > ---------------------------------------------------------------- > > > To subscribe or unsubscribe from this elist use the subscription > > > manager: <http://lists.oasis-open.org/ob/adm.pl> > > > > > ---------------------------------------------------------------- > To subscribe or unsubscribe from this elist use the subscription > manager: <http://lists.oasis-open.org/ob/adm.pl>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC