OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: ..Report from Bindings Telecon

Here are some comments from the bindings telecon
relevant to the overall group:
(1) Terminology: the bindings group has selected the terminology:
SAML Protocol Binding, to describe the layering of SAML request-response
messages on "top" of a substrate protocol,
Example: SAML HTTP Binding (SAML request-response messages layered on HTTP).
a profile for SAML, to describe the attachment of SAML assertions to a 
packaging framework or protocol, 
Example: SOAP profile for SAML, web browser profile for SAML
This terminology needs to reflected in the requirements document, where the
generic term "bindings" is used. It needs also to be added to the glossary
(2) There is a need for a permanent registration service for publishing
bindings and profiles. The bindings group specification will provide
for creating a protocol binding or profile, but we also need to point to
some form of registration service.
How can we take this forward? Is OASIS wiling to host a registry?
(3) In previous messages [1] it has been pointed out that there is 
a requirement for assertions to support some structure to support their
"secure attachment" to payloads. This is a blocking factor to creating a
profile or a MIME profile. If needed, the bindings group can make a design
proposal in this space but we would like input from the broader group.
- prateek

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC