OASIS Mailing List Archives

security-services message



Subject: Sessions May 4 Concall Notes


Attendees:

Hal Lockhart
Gilbert Pilz
Dave Orchard
Jeff Hodges
Steve Anderson
Alex Berson

Terminology agreed: Dynamic Sessions vs. Static Sessions.

Discussion of Requirements

Agreed to use ITML + SAML usecases as functional requirements starting
point.

Discussion of non-functional reqmnts.

Consensus: Use best practice distributed design to handle common errors,
don't worry about obscure multiple failures. Protocol does not need to avoid
single point of failure, components can be made highly available if desired.

Consensus: Session information is advisory, participants can ignore, risk
seems to fall only on those who ignore session state changes. Spec should
specify all state transitions. Use MAY and SHOULD.

Discussed tradeoffs between message efficiency, network overhead,
information timeliness. No consensus. Desirable to allow tradeoff at
deployment time. May not be possible.

Discussion of work to be produced by this group.

Consensus: At a minimum:

Session Management Components (entities that send and receive session
messages)
Session messages, significant data fields, not necessarily format
Message flows and associated state transitions
Implications for the rest of SAML
  Security Implications
    How do I know if I have to worry about sessions?
    If yes, what do I have to do?
  Other implications

Dave Orchard agreed to produce strawman btwn Mon PM and Wed PM.

Agreed to have concall next Thurs 5/10 @ 2 PM EDT.

Hal

