OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Subject: Vocabularies


Another issue that was touched on during the face-to-face was
vocabularies or syntaxes for naming entities such as subjects, actions
and attributes.  Examples that came up: X.500-style* DN or DNS domain
for security domains, DN for subject name, DSML for attributes, RWX or
HEAD/GET/POST for actions.

There's immense opportunity for interoperability in developing a set
of common vocabularies for these concepts (while, of course, leaving
open a path for extension). A baseline of "level 0" vocabularies for
our most common namespaces** would greatly lower the barrier for
making SAML work in real-world situations.

My concern is that, like digital sigs or encryption, these
vocabularies will fall into the gap between core architecture
(assertions and messages) and bindings.

For these reasons, I'm asking that we add an issue to the issues list
along the lines of: Should we specify baseline vocabularies? If so,
who will do this work? And what baseline of vocabularies should be
specified?

~ESP

* If there's a better name for what this is, I'd appreciate a
  heads-up. My first encounter with this syntax is X.500, so I
  guess I bookmark it under X.500.

** By which I mean, "type and range of names." Not necessarily XML
  namespaces.

-- 
Evan Prodromou, Senior Architect        eprodromou@securant.com
Securant Technologies, Inc.             415-856-9551



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Powered by eList eXpress LLC