Committee Last Call on SAML V1.1 Specification Set (02-May-2003)

The purpose of this message is to initiate the Security Services Technical Committee (SSTC) Last Call process for the SAML 1.1 Specification Set.

1. WHAT SPECIFICATION SET IS BEING REVIEWED?

The specification set in Last Call is the SAML 1.1 Specification Set

(02-May-2003):

http://www.oasis-open.org/committees/download.php/1895/sstc-saml-specs-schemas-1.1-drafts.zip

http://www.oasis-open.org/committees/download.php/1894/sstc-saml-core-1.1-draft-10.pdf

http://www.oasis-open.org/committees/download.php/1892/sstc-saml-bindings-1.1-draft-06.pdf

http://www.oasis-open.org/committees/download.php/1884/sstc-saml-glossary-1.1-draft-04.pdf

http://www.oasis-open.org/committees/download.php/1878/sstc-saml-conform-1.1-draft-03.pdf

http://www.oasis-open.org/committees/download.php/1882/sstc-saml-sec-consider-1.1-draft-02.pdf

The relevant Errata document for this document set is:

http://www.oasis-open.org/committees/download.php/1875/sstc-saml-errata-1.1-draft-11.pdf

2. WHAT IS A COMMITTEE LAST CALL?

The purpose of the committee Last Call process is to ensure that the committee has reached consensus on the documents comprising the specification set, believes that all the known outstanding issues have been addressed, and is ready to vote on declaring the documents as "Committee Specifications" in preparation for submission to OASIS-wide review.

During the Last Call period, all comments on the documents are collected and discussed on the mailing lists.

3. HOW LONG DOES IT LAST?

The Last Call starts Monday 05-May-2003. It will last for two weeks and end on Friday, 16-May-2003, the "Last Call cut-off date". While the committee always attempts to consider input from the industry, comments received after the cut-off date cannot be guaranteed to be addressed by the TC before the specs are moved forward as Committee Specifications?

4. WHAT'S THE LAST CALL PROCESS AND NEXT STEPS?

The Committee Last Call process we're following is described here...

http://lists.oasis-open.org/archives/security-services/200202/msg00176.html

5. WHAT SHOULD YOU DO?

You should read the documents, making sure that (1) there are no normative problems or deficiencies or outstanding issues that need to be resolved; and (2) that there are no typos, formatting problems, grammatical errors, etc.

Send notice of any issues you find, normative or otherwise, to the appropriate list (see below).

6. WHERE SHOULD YOU SEND COMMENTS?

OASIS SSTC members should send their comments to the SSTC members mailing list at...

security-services@lists.oasis-open.org

The mailing list archive for this list is available here...

http://lists.oasis-open.org/archives/security-services/

NOTE: Only subscribers may post to the security-services list. Any OASIS member may subscribe to the security-services list. To subscribe, send an email message to...

security-services-request@lists.oasis-open.org

...with the word "subscribe" as the body of the message.

The general public ("reviewers at-large") should send comments to the SSTC public comment mailing list at...

security-services-comment@lists.oasis-open.org

The mailing list archive for this list is available here...

http://lists.oasis-open.org/archives/security-services-comment/

NOTE: Before sending messages to the security-services-comment list, YOU MUST FIRST SUBSCRIBE. To subscribe, send an email message to...

security-services-comment-request@lists.oasis-open.org

...with the word "subscribe" as the body of the message.

Links to the mail archives for all SSTC mailing lists can be found on the public OASIS SSTC web site at...

http://www.oasis-open.org/committees/security/

We look forward to seeing your comments!