OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: [security-services] AI-38. Jahan,Scott & Prateek to draft changes to profiles for ne w destination site firstflows

Report on discussion between Scott, Jahan and Prateek:
What is proposed set of flows for SAML 1.1?
We were guided by the experience of the SAML interOp and Shiboleth (internet2) and
focussed on a minimal extension that would provide added value by completing the
existing web browser profiles.
We propose to focus on the flows described in Use Case 1, Scenario 1-1 and 1-2 of
Flow 1-3 was excluded as it includes an additional interaction step between source and destination
site which (a) exceeds the desired minimalism,
(b) can be added to flows 1-1 and 1-2 should
source and destination site so desire.
The flows in   
are more expressive and introduce a new actor called a "Source Site Selector".
Formalizing the interactions between the destination site, Source Site Selector and
destination site selector is a good size step. The suggestion would be to defer this
to SAML 2.0.
Two flavors of "SSO Initiation Profiles" are proposed: FORM-oriented and
URL oriented. The two will be closely related but not identical. Scott has proposed
schema and flows for the FORM case. This information may be found in documents
which are enclosed with this message.
- prateek

Attachment: sstc-core-extensions-01.doc
Description: MS-Word document

Attachment: sstc-bindings-extensions-01.doc
Description: MS-Word document

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC