OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: RE: [saml-dev] RE: [security-services] Points to Make to the Pres sAboutthe Int erop (and SAML generally )

Title: RE: [saml-dev] RE: [security-services] Points to Make to the Press Aboutthe Int erop (and SAML generally )

>Not just because I'm from Sun :-), but I think we need to be prepared to address the
>following question: "What is the difference between SAML and Liberty?". Am I the only

I believe the SAML FAQ addresses this. It is a good point. We should update the SAML FAQ if necessary and make sure copies are available.

As far as Liberty goes, since practically everything that are doing is under non-disclosure, there is not too much we can say other than based on what is on their web site. Basically as I see it, SAML is a specification, Liberty is an organiztion.

>Also, I think "SAML is NOT the Holy Grail" would be another good heading to
>address. This wouldn't downplay the significance, but would seek to make sure that the
>press didn't think we were painting this as a solution to world hunger :-)

Yes, and no. Everybody and his brother today publishes a document and calls it a standard. This is a true standard, developed by the leaders of the relevant industry. Although we are demonstrating the solution of an important, near term problem, I want to make sure the press knows this is not a "one trick pony".

There is is general problem that the press treats Security as a binary quantity. (Either you have it or you don't.) Hence their desire for a standard that "solves web services security". But I can only tackle just so much. I am much more worried about having SAML written off as a solution to yesterday's problems than having it over-hyped.

If we generate a lot of fire and smoke, people will come to look and find out for themselves what SAML is. Plus, I think SAML combined with other standards can solve the most important security problems we have today.

>Are there any other points in our slide preso that are worthy of pointing out? I'd like >us to "write" as much of their report as we possibly can.

As I said in my other message, I am trying to suggest story "leads". I think that is the best we can do.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC