RE: [security-services] goal statement thread

["Mishra, Prateek" <pmishra@netegrity.com>]

Eve,

Your re-spin works for me except for:

This support will be based on the Liberty 
>>Alliance ID-FF 
>>V1.1 [and V1.2?] specifications that were contributed to the TC.

I believe this should read ID-FF V1.1 and V1.2 specifications. The former
has been submitted to the TC and the latter has been requested from the
Liberty Alliance Organization.

>>-----Original Message-----
>>From: Eve L. Maler [mailto:eve.maler@sun.com]
>>Sent: Tuesday, August 26, 2003 11:32 AM
>>To: oasis sstc
>>Subject: Re: [security-services] goal statement thread
>>
>>
>>Mishra, Prateek wrote:
>>
>>> The goals of the SAML 2.0 effort include:
>>> 
>>> (1) addressing issues that have arisen from experience with 
>>real-world SAML
>>> 1.0 and SAML 1.1 implementations,
>>> 
>>> (2) expanding the scope of the SAML specification to 
>>address features such
>>> as identity 
>>> federation, session
>>> context, metadata exchange, authentication services, plus 
>>> specify new 
>>> SAML profiles that make use of them, such as B2B, A2A, back-office 
>>> profiles. 
>>> 
>>> (3) addressing issues that have arisen from the development of other
>>> security specifications that make use of SAML 1.X, such as 
>>WS-Security and
>>> XACML
>>> 
>>> (4) incorporation of the Liberty Alliance ID-FF v1.1 and v1.2 
>>> specifications as foundation specifications.
>>
>>People will notice that I played with this text a bit in the 
>>FAQ.  I was 
>>trying to fix a couple of problems I perceived:  Point #2 is too 
>>specific about profiles; we still have to go through a use-case 
>>acceptance phase for the non-ID-FF work items around this.  
>>Also, points 
>>#2 and #4 seem to overlap a bit because of the Liberty connection of 
>>many of the new features.  And #1 and #2 are sort of similar 
>>in nature 
>>as well.
>>
>>What do people think of this new formulation?  What's below 
>>is an update 
>>of the FAQ text.  The first goal is essentially about maturity and 
>>interoperability, and the second goal is about the natural 
>>feature arc 
>>of SAML.
>>
>>========
>>The goals of the SAML 2.0 effort include:
>>
>>o Addressing issues and enhancement requests that have arisen from 
>>experience with real-world SAML implementations and with standards 
>>architectures that use SAML, such as the OASIS WSS and XACML work.
>>
>>o Adding support for features that were deferred from 
>>previous versions 
>>of SAML for schedule reasons, such as session support, the 
>>exchange of 
>>metadata to ensure more interoperable interactions, and collection of 
>>credentials.  This support will be based on the Liberty 
>>Alliance ID-FF 
>>V1.1 [and V1.2?] specifications that were contributed to the TC.
>>========
>>
>>I think we need to make a decision on the official goal 
>>statement pretty 
>>soon, as the FAQ and other materials will want to use it.
>>
>>	Eve
>>
>>p.s. Has *everyone* doublechecked with their OASIS voting rep about 
>>their SAML V1.1 vote being recorded?????
>>
>>-- 
>>Eve Maler                                        +1 781 442 3190
>>Sun Microsystems                            cell +1 781 354 9441
>>Web Products, Technologies, and Standards    eve.maler @ sun.com
>>**********************************************************************
>>SunNetwork 2003 Conference and Pavilion  http://www.sun.com/sunnetwork
>>September 16-18, 2003                    Moscone Center, San Francisco
>>An unparalleled event in network computing! Make the net work for you!
>>
>>
>>You may leave a Technical Committee at any time by visiting 
>>http://www.oasis-open.org/apps/org/workgroup/security-services
/members/leave_workgroup.php