OASIS Mailing List Archives

security-services message



Subject: detailed comments on sec 4.2 Enhanced Client and Proxy (ECP) Profile of sstc-saml-profiles-2.0-draft-17


detailed comments on sec 4.2 Enhanced Client and Proxy (ECP) Profile 
of sstc-saml-profiles-2.0-draft-17...


line#:    comment...
---------------------------------------------

609	am thinking profile label should be "enhanced client or proxy"

610	should offer brief definition of what an ECP is, ie a five-or-six word 
summary of detailed definition at line# 635.

615	reference (in assn&prot (aka core)?) where name ident establishment is 
defined.

619	s/can authenticate to/authenticates with/


631	is it really a "generalization" or is it more a "specific application". I'm 
thinking the latter is a better characterization.

632	is "section 4.1" a xref? ie will it be automagically updated if section 
4.1's section# changes?

632	s/makes reference/makes explicit references/

632	s/to it in a number of respects/to it/

632	s/profile/profile,/

633	deleted the parens, retaining the phrase within them.

635	s/is a client or proxy that/is one that/

636	s/knowledge about the/information about which/

636	s/associated with the client/wielding the ECP/

637	s/wishes to use with the service provider/wishes to use given the service 
provider/

638	s/a service provider/service providers/

638	s/to make an authentication request to such a client/to simply make 
authentication requests directly to the ECP/

640	s/browser profile/browser SSO profile/  (use xref?)

640	<need a blank line after line# 640>

641.... (lots more copy-edit comments)


hmmm. maybe in terms of the detailed I should just copy-edit this section and 
put it out for review? Or were u going to go thru it in detail, Scott? My 
understanding is that you haven't yet done so, thus the present roughness.

some larger-grained comments...


1. We should re-number the steps in the profile since there are steps -- such 
as the IDP or ECP or SP doing something -- that are called out in the revised 
diagram (see the first figure in the sstc-saml-profiles-2.0-figures-02.pdf 
file, which I just filed in Kavi [1]).

2. having the rather long and detailed subsections describing header block 
composition interspersed amongst the descriptions of the protocol steps is 
suboptimal (to me) -- it interferes with understanding the profile's stepwise 
flow. I suggest having a subsection with the protocol step definitions (as 
sub-sub-sections) and then having another subsection describing the header 
blocks, and xref from the former into the latter as necessary.

JeffH


[1] sstc-saml-profiles-2.0-figures-02.pdf
http://www.oasis-open.org/apps/org/workgroup/security/download.php/8263/sstc-saml-profiles-2.0-figures-02.pdf























