RE: [security-services] [comments on SAML, Grids, RespondWith]

[Scott Cantor <cantor.2@osu.edu>]

> Some of this we might take as input for version 2.0 (eg the 
> suggested smaller decision response), and some as perhaps 
> profiles of SAML use for a particular purpose (eg the 
> multi-step proposal).  But I mostly want to highlight his 
> comment (bullet (i)) about use of the RespondWith feature and 
> disappointment about its being deprecated in SAML 1.1.  I 
> suppose it is rather late to reconsider this decision.  I 
> didn't entirely follow why we decided to deprecate it, but if 
> it was based on our perception of its not being used by 
> anyone, here is evidence to the contrary.

FWIW, I don't think RespondWith is the greatest way of achieving some of the
flows described. New query types or extensions seem more generally useful to
me as an easy to understand mechanism for communicating requester needs, and
after all, at least in the one example, there's already an extension in play
(the statement).

> More generally, having recently heard about quite a bit of 
> SAML-related work in the Grid context, I'm a little concerned 
> that the TC might need to do more discovery of who's using 
> what SAML features in the world at large as we move forward 
> making decisions about replacing and/or deprecating features.

That said, I agree with this, we're not going to get enough from saml-dev, I
don't think, unless we do some publicizing.

-- Scott