OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: FW: (retitled) Status of ASN.1 bindings for SAML and XACML

-----Original Message-----
From: John Larmouth [mailto:j.larmouth@salford.ac.uk]
Sent: Friday, June 25, 2004 12:43 PM
To: karl.best@oasis-open.org
Cc: Hal Lockhart; Bill Parducci; Prateek Mishra; Rob Philpott
Subject: Re: [members] open positions at OASIS


This is just an informal e-mail to keep you in the picture on XACML and SAML 
with regard to ASN.1, rather than a formal liaison statement.

The ASN.1 group is currently meeting in Manchester, and has discussed what we 
might want to achieve with regard to XACML and SAML ads ITU-T Recommendations or 
ISO Standards, and who could find the resources to get involved with your TCs.

Three of our participants are monitoring the associated mailing lists (without 
currently taking part in the discussions), and have commented that the traffic 
on these mailing lists is quite high, making serious participation a heavy 

We were unable to identify anybody with the time available at present, but had 
some further discussion on what we might like to achieve.  The proposal in 
Geneva was the addition of substantial text to include an ASN.1 module mapped 
from the XSD text using X.694, and would undoubtedly have required direct 
participation in the XACML and SAML work.  However, in discussions at the 
Manchester meeting, it was felt that a better approach might be the use of the 
non-schema-based Fast Infoset work (sometimes called "binary XML").  This 
provides an efficient binary encoding of the XML Infoset, and allows lossless 
conversion between an XML document and a binary representation without any 
dependency on or need for an XML Schema.  Provision for such transfers for XACML 
and SAML would require only the addition of a small amount of text referencing 
the Fast Infoset Standard (ITU-T Rec. X.finf | ISO/IEC 24824-1), with no actual 
ASN.1 module to be added.  We are hoping to have a draft of such text available 
for discussion at our Nice meeting in September, and I will contact you again 
after that.

On a slightly separate issue, we note that SAML and XACML require to be able to 
reference a definition of UUIDs, and would like to draw your attention to ITU-T 
Rec. X.667 | ISO/IEC 9834-8, currently under FCD ballot.  This is technically 
aligned with the IETF draft RFC on UUIDs, and will in due course become 
available free on the Web.  We would recommend that your work reference this 

Finally, I have not forgotten your request for a paragraph or two on where XCBF 
fits into the overall spectrum of security standards, but I have just been 
totally overloaded recently with both ASN.1 and biometrics work.

John L

    Prof John Larmouth
    Larmouth T&PDS Ltd
    (Training and Protocol Development Services Ltd)
    1 Blueberry Road
    Bowdon                               j.larmouth@salford.ac.uk
    Cheshire WA14 3LS
    Tel: +44 161 928 1605		Fax: +44 161 928 8069

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]