[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Sessions May 4 Concall Notes
Attendees: Hal Lockhart Gilbert Pilz Dave Orchard Jeff Hodges Steve Anderson Alex Berson Terminology agreed: Dynamic Sessions vs. Static Sessions. Discussion of Requirements Agreed to use ITML + SAML usecases as functional requirements starting point. Discussion of non-functional reqmnts. Consensus: Use best practice distributed design to handle common errors, don't wory about obscure multiple failures. Protocol does not need to avoid single point of failure, components can be made highly available if desired Consensus: Session information is advisory, participants can ignore, risk seems to fall only those who ignore session state changes. Spec should specify all state transitions. Use MAY and SHOULD. Discussed tradeoffs between message efficiency, network overhead, information timeliness. No consensus. Desirable to allow tradeoff at deployment time. May not be possible. Discussion of work to be produced by this group. Consensus: At a minimum: Session Management Components (entities that send and receive session messages) Session messages, signicicant data fields, not necessarily format Message flows and associated state transitions Implications for the rest of SAML Security Implications How do I know if I have to worry about sessions? If yes, what do I have to do? Other implications Dave Orchard agreed to produce strawman btwn Mon PM and Wed PM. Agreed to have concall next Thurs 5/10 @ 2 PM EDT. Hal
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC