[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [Issue] Should Bindings be the subject of Confiormance
In most cases in adding issues to draft-sstc-saml-issues-05.doc I used text provided by others. In a few cases, I added substantial new text which has never been posed to the mailing list. As a courtesy to those who don't wish to plow through the entire issues list, I am posting it retroactively. Hal ISSUE:[MS-3-01: BindingConformance] Should protocol bindings be the subject of conformance? The bindings sub group is defining both SAML Bindings and SAML Profiles. It has been proposed that both of these would be the subject of independent conformance tests. The following definitions have been proposed: SAML Binding: SAML Request/Response Protocol messages are mapped onto underlying communication protocols. (SOAP, BEEP) SAML Profile: formats for combining assertions with other data objects. These objects may be communicated between various system entities. This might involve intermediate parties. This suggests that a Profile is a complete specification of the SAML aspects of some use case. It provides all the elements needed to implement a real world scenario, including the semantics of the various SAML Assertions, Requests and Responses. A Binding would simply specify how SAML Assertions, Requests and Responses would be carried by some protocol. A Binding might be used as a building block in one or more Profiles, or be used by itself to implement some use case not covered by SAML. In the later case, it would be necessary for the parties involved to agree on all aspects of the use case not covered by the Binding. Thus conformance testing of Bindings might be undesirable for two related reasons: · The number of independent test scenarios is already large. It seems undesirable to test something that does not solve a complete, real-world problem. · Parties would be able to claim "SAML Conformance" by conforming to a Binding, although they would not be able to actually interoperate with others in a practical situation, except by reference to a private agreement. This would likely draw a negative response from end users and other observers. The advantages of testing the conformance of Bindings include: · Simplifying testing procedures when a Binding is used in several Profiles that a given party wishes to conform to. · Allow SAML to be used in scenarios not envisioned by the Profiles. This was identified as F2F#3-2.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC