Subject: RE: [security-services] Roles for SAML 2.0 Metadata
------
Jahan Moreh
Chief Security Architect
310.286.3070
-----Original Message-----
From: Anthony Nadalin [mailto:drsecure@us.ibm.com]
Sent: Monday, December 29, 2003 6:26 PM
To: security-services@lists.oasis-open.org
Subject: RE: [security-services] Roles for SAML 2.0 Metadata
No, I understood the purpose of the role; I still have a problem with the "meta role" restriction. I don't understand why the restriction.
Anthony Nadalin | work 512.436.9568 | cell 512.289.4122
"Jahan Moreh" <jmoreh@sigaba.com>
12/19/2003 12:53 PM
Please respond to jmoreh
To: Anthony Nadalin/Austin/IBM@IBMUS, <security-services@lists.oasis-open.org>
cc:
Subject: RE: [security-services] Roles for SAML 2.0 Metadata
Anthony -
I think you may have misunderstood my message. The concept of a "role" in this case is really that of a "participant". I.e., we are talking about the role that a SAML participant would take in communicating with another "participant". Maybe "participant" is also not a good name; maybe we should call it a "meta role". In any case, this is specifically NOT an arbitrary role that can be specified in an attribute assertion.
Jahan
------
Jahan Moreh
Chief Security Architect
310.286.3070
-----Original Message-----
From: Anthony Nadalin [mailto:drsecure@us.ibm.com]
Sent: Friday, December 19, 2003 8:09 AM
To: security-services@lists.oasis-open.org
Subject: Re: [security-services] Roles for SAML 2.0 Metadata
Why is this restricted to any role? This seems like an artifact of Liberty. These should just be attribute assertions that any role can use.
Anthony Nadalin | work 512.436.9568 | cell 512.289.4122
"Jahan Moreh" <jmoreh@sigaba.com>
12/16/2003 01:48 PM
Please respond to jmoreh
To: <security-services@lists.oasis-open.org>
cc:
Subject: [security-services] Roles for SAML 2.0 Metadata
Colleagues -
During our focus group discussion of today (December 16), we recognized the
need for specifying metadata for various roles. Our discussion led us to
believe that SAML 2.0 metadata should recognize the following roles:
1. Identity provider
2. Service provider
3. Attribute provider
Do people have any thoughts/comments on this matter?
Thanks,
Jahan
------
Jahan Moreh
Chief Security Architect
310.286.3070