OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: Re: UDDI AG meeting and SAML: SAML in UDDI and XQuery subsets.


First of all, it is my understanding that the AG meeting is covered by an
I would be happy to entertain technical discussions of your points below
and will respond  on the AG mailing list...
(and will copy them so that they can participate in this discussion)
which for those of you who are not members is quite easy to join.....and I
would encourage you to do so... see

Second, you have taken several things out of context.   I also  find it a
bit disconcerting
that you have intermixed private conversations  we had  outside the AG
forum with
discussions in the meeting. I don't believe you actually articulated your
feelings about these points
within the AG meeting itself. This is unfortunate because I would have then
had the opportunity to respond.

My perspective on Single Sign On, and Joe Pato and Bob Blakely can support
me on this, ( since
I recall lengthy discussions on this topic at the Open Group) is that it is
an overloaded term. What
I propose to do within UDDI  is find out what problem exactly we are trying
to solve
before we start architecting solutions.


again, more comments on the AG list so join up everyone!  :)
you know you need more email!

"Orchard, David" <dorchard@jamcracker.com> on 06/22/2001 03:13:42 AM

To:   oasis sstc <security-services@lists.oasis-open.org>
Subject:  UDDI AG meeting and SAML: SAML in UDDI and XQuery subsets.

I attended the UDDI AG meeting this week, and a few SAML related items came

The use of SAML for SSO onto multiple UDDI repositories was questioned
strongly by Maryanne Hondo of IBM.  The logic is that if everything is
replicated, why support SSO?  Personally, I think this ought to be
to support transition between public and private registries, which have
different data sets.

I lobbied Maryanne to support model extensions for security.  This would
allow a business entity to specify in standard tModel the security
mechanisms it supported, ie username/password and SAML.  This is not a
security requirement per se, but more of modelling requirement.

We may want SAML to formally liase with UDDI on these and other issues.

On a somewhat related note, I supported Vadim of BEA's lobbying for the use
of XQuery to query UDDI repositories.  There was strong resistance to use
the full spec.  I suggested publicly and privately that a subset of XQuery
be used.  Chris Kurt of Microsoft and overall UDDI lead was extremely
interested in this idea.  I further suggested that UDDI formally respond to
the XQuery working drafts, indicating what features it may/would be
interested in subsetting.  I also think that SAML should do this, and will
volunteer to write a draft no matter what SAML decides to do on SAML ver
wrt XQuery.  This serves a few purposes: 1) I'm hoping that requests from
UDDI and/or SAML will place pressure on XQuery to formally subset or
XQuery; 2) If UDDI can place pressure, they may do some of the work that
SAML could then pick up; 3) Increase the likelihood of lightweight XQuery
implementations, removing some of the SAML vendor concerns about
4) if any members of the XQuery WG (including the chair?) have inclinations
to do profiles or subsets of XQuery, these could be powerful motivators.

Dave Orchard
XML Architect
Jamcracker Inc.,    19000 Homestead Dr., Cupertino, CA 95014
p: 408.864.5118     m: 604.908.8425    f: 408.725.4310

www.jamcracker.com - Sounds like a job for Jamcracker.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC