[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: What shall we name our specification(s)?
Yes, but I thought that since we're designing more than just a ML (e.g. we're attributing it with protocol semantics) that the "ML" in the name was too constraining. SAXP or Security Assertion eXchange Protocol would be closer to what we're about, IMHO. Of course, this name omits the "Service" aspect which is, I believe, one of the compelling aspects of all of this work. Defining an interoperable service "interface" (the Auth/Az Request/Response pairs) is as important an aspect as the exchange of the assertions themselves as it will allow for the development/migration of applications that can delegate these (Auth o/e) functions to a blankety-blank compliant service provider. Maybe Security Assertion Service and eXchange Protocol (SASXP)? My $0.02, Chris George_Robert_Blakley_III@tivoli.com wrote: > > I second Marc's nomination here (in fact I think I suggested the same > thing). I think "SAML" is the most descriptive > and accurately-scoped alternative. > > --bob > > Bob Blakley > Chief Scientist, Security > Tivoli Systems, Inc. > > "Chanliau, Marc" <MChanliau@netegrity.com> on 01/29/2001 03:56:11 PM > > To: "Orchard, David" <dorchard@jamcracker.com>, Philip Hallam-Baker > <pbaker@verisign.com>, "'Eve Maler'" <eve.maler@east.sun.com>, > security-services@lists.oasis-open.org > cc: > Subject: RE: What shall we name our specification(s)? > > How about SAML (Security Assertion Markup Language). > Marc Chanliau > -----Original Message----- > From: Orchard, David [mailto:dorchard@jamcracker.com] > Sent: Monday, January 29, 2001 4:44 PM > To: Philip Hallam-Baker; 'Eve Maler'; > security-services@lists.oasis-open.org > Subject: RE: What shall we name our specification(s)? > > I know you are keen on getting the focus on authorization, but I'm not too > interested in dropping authentication and keeping authorization. Either > authent +author, or neither would be my interest. > > Dave > > -----Original Message----- > From: Philip Hallam-Baker [mailto:pbaker@verisign.com] > Sent: Monday, January 29, 2001 12:23 PM > To: 'Eve Maler'; security-services@lists.oasis-open.org > Subject: RE: What shall we name our specification(s)? > > My objection to A2ML was that specifying Authentication in the name to me > implies that we would be supporting authenticated key exchange, which is > something I don't want to do in an OASIS group, that is something I would > prefer to do in a closed group of cryptographers and network security > protocol engineers. > > On the other hand "Authorization Assertion Markup Language" would have the > initials A2ML, thus indicating the warm touchy feely get together vibes > people want, being clearly a descendent of S2ML and Auth XML (whose current > voting success I take note of). > > Does anyone else have definite feelings towards the binding of the second > A? > > Phill
begin:vcard n:Ferris;Christopher tel;work:781-442-3063 x-mozilla-html:FALSE org:Sun Microsystems, Inc;XML Technology Development adr:;;One Network Drive;Burlington;Ma;01824-0903;USA version:2.1 email;internet:chris.ferris@east.Sun.COM title:Sr. Staff Engineer x-mozilla-cpt:;0 fn:Christopher Ferris end:vcard
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC