[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [security-services] Thoughts wrt draft-sstc-saml-issues-status-01
Below's my personal take on saml-issues-status-01. I've listed only the issues
where I have a different opinion on their status.
my $.02.
JeffH
> Line#
> -----
> 1 OASIS SSTC Open Issues Status
>
>
> 2
>
> 3 draft-sstc-saml-issues-status-01
>
> 4
>
> 5 January 21, 2002
>
> 6 Hal Lockhart
>
> 7
.
.
.
> 36 ISSUE:[UC-7-02:Enveloped]
> 37 Core specification in XML Signature Profile states that SAML assertions and protocols must use
> 38 enveloped signatures. Recommend this be closed with a resolution of deferred.
status=CLOSED
resolution=assns are "fit for being enveloped"
>
> 57 ISSUE:[UC-9-02:PrivacyStatement]
status=DEFERRED
> 75 Design Issues
>
> 76 Group 1: Naming Subjects
>
> 77 ISSUE:[DS-1-02: Anonymity Technique]
status=DEFERRED
>
> 87 ISSUE:[DS-1-06: MultipleSubjects]
status=CLOSED
>
> 91 ISSUE:[DS-1-07: MultpleSubjectConfirmations]
status=CLOSED
>
> 95 ISSUE:[DS-1-08: HolderofKey]
status=OPEN
>
> 100 ISSUE:[DS-1-09: SenderVouches]
status=OPEN
> 109 ISSUE:[DS-3-02: ClockSkew]
status=DEFERRED if someone willing to argue for future consideration, else
status=CLOSED
>
> 112 ISSUE:[DS-3-03: ValidityDependsUpon]
status=DEFERRED if someone willing to argue for future consideration, else
status=CLOSED
>
> 114 Group 4: Assertion Style
> 115 ISSUE:[DS-4-02: XML Terminology]
> 116 This is no longer subject to debate. Recommend closing it.
champion=JeffH
status=CLOSED
write-up...
wrt: DS-4-02: XML Terminology
http://lists.oasis-open.org/archives/security-services/200109/msg00054.html
>
> 117 ISSUE:[DS-4-04: URIs for Assertion IDs]
champion=JeffH
status=CLOSED
write-up...
composition of AssertionID (Issue: DS-4-04: URIs for Assertion IDs)
http://lists.oasis-open.org/archives/security-services/200106/msg00025.html
>
> 120 ISSUE:[DS-4-05: SingleSchema]
status=CLOSED
> 123 ISSUE:[DS-4-08: anyAtttribute]
> 124 anyAttribute has not been added to the core schema. It is also not clear if there are additional
> 125 issues relating to attribute schemas. This needs resolution.
> 126 Champion: Eve Maler
status=OPEN
> 134 ISSUE:[DS-5-04: Request Reference]
> 135 AssertionSpecifier has been dropped from Subject. Recommend closing it.
>
status=DEFERRED
> 136 Group 6: Attributes
> 137 ISSUE:[DS-6-01: Nested Attributes]
status=DEFERRED
> 144 ISSUE:[DS-6-05: AttributeScope]
status=CLOSED
"AttributeNamespace" satisfies this?
> 173 Group 9: Request Handling
> 174 ISSUE:[DS-9-01: AssertionID Specified]
status=OPEN
processing model not yet clearly defined.
> 187 ISSUE:[DS-9-05: RequestAttributes]
> 188 Current core does not include this element. Perhaps Target satisfied this requirement? This
> 189 appears to be unresolved.
> 190 Champion: Simon Godik
status=DEFERRED
> ISSUE:[DS-9-06:Locate attributeAuthorities]
in-process as of 22-Jan concall
status=OPEN
> 200 ISSUE:[DS-9-10: IssueInstant in Req&Response]
> 201 Current core does not include this feature. This appears unresolved.
> 202 Champion: Scott Cantor
status=OPEN
> 206 Group 11: Authorization Decision Assertions
> 207 ISSUE:[DS-11-01: MultipleSubjectAssertions]
> 208 Current core permits multiple subjects. I don’t see any discussion of the semantics. This is
> 209 unresolved.
status=DEFERRED
>
> 225 ISSUE:[DS-12-06: RequestALLAttrbs]
> 226 Current core does not seem to specify any way to ask for all attributes. This is unresolved.
status=DEFERRED
> 242 ISSUE:[DS-14-07: BearerIndication]
> 243 This functionality is provided in the Web Browser Post Profile, which specifies the use of a
> 244 bearer SubjectConfirmationMethod, but this is not present in the core spec. This is unresolved.
status=CLOSED
addressed by SubjectConfirmation et al
> 252 ISSUE:[DS-14-11: CompareElements]
> 253 Current core is silent on how these element are to be compared. This would seem to imply only
> 254 exact binary matching. Recommend this be closed.
status=OPEN
I echo Steve Farrell's concerns about this -- we likely need to think more
carefully about this.
---
end
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC