
security-services message



Subject: RE: [security-services] Roles for SAML 2.0 Metadata


I very much agree with Anthony's statement that 'various profiles should
define the "roles" and not the metadata specification'. Indeed, the metadata
specification is not seeking to define roles, but rather "identify" existing
roles, taken from existing profiles, and then determine the metadata that
needs to be defined for these roles.

Thanks,
Jahan

------
Jahan Moreh
Chief Security Architect
310.286.3070

-----Original Message-----
From: Scott Cantor [mailto:cantor.2@osu.edu]
Sent: Tuesday, December 30, 2003 7:03 PM
To: 'Anthony Nadalin'; security-services@lists.oasis-open.org
Subject: RE: [security-services] Roles for SAML 2.0 Metadata


>you are spot on, as I expect it to be done just like you say. The issue I have
>is that various profiles should define the "roles" and not the metadata
>specification.

I agree 100% with that, and I think Jahan does too based on what he's said.

Given the volume of work we're all trying to get done, I think the way we're
moving forward is to start with as complete a proposal as we can, when
that's available, and then work in the editing stage to figure out how best
to incorporate the material.

In this case, we just need to split the existing document up into new core
text that provides a framework and then the rest of the material into the
bindings and profiles. Which sounds like what you're encouraging, so I think
we're in agreement.

The point of the question about roles is simply to figure out which existing
bindings and profiles we know we need to focus on before we deliver a
working draft of the new material, since not all SAML roles are accounted
for in the ID-FF submission.

-- Scott




