OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services-comment message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: PR comments on SAML V2.0 Identity Assurance Profiles, Version 1.0



As part of the duties of serving on the TAB, 60 day public reviews are rotated amongst the TAB members, excluding TC-Admin who has to remain neutral.

These comments are provided by me as an individual TAB member and do not necessarily represent the views of all TAB members.


Line numbers relative to the PDF.


Line 29/30 : change “It relies the features…” to “It relies on the features…”


Line 33: no namespace. Line number 123 say “defines a restricted version of the AuthnContext schema”. Would it not make sense to put this in its own namespace to avoid confusion with the original? There is usually some mechanism used to be able to identify when a profile is being used.


Line 171: “When these words are not capitalized, they are meant in their natural-language sense.” This is in violation of RFC2119. Use other words  in non-normative text.


Line 207 thru 210: This template has no introduction or description, so I have no idea what it is saying.


Line 211, section 2.2. There is no normative requirement in this section. Is this intentional?


Line 340: this is the ONLY normative MUST I see in the whole document (excluding the conformance section). I think there is more going on in this spec than a single MUST, but I can’t figure that out.


Line 387: conformance. I would like to see references back to the relevant sections in 2 and 3 somewhere in 4.1/4.2 as its not explicitly clear what is in this profile.


Line 389: implementations of what? Please clarify.


Final comment. There needs to be some more tying together of  sections 2, 3 and 4 so it is obvious that they are defining something that is a coherent profile.






Martin Chapman | Standards Professional
Mobile: +353 87 687 6654

ORACLE Ireland
"Please consider your environmental responsibility before printing this e-mail"

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]