[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: detailed comments on sec 4.2 Enhanced Client and Proxy (ECP) Profileofsstc-saml-profiles-2.0-draft-17
detailed comments on sec 4.2 Enhanced Client and Proxy (ECP) Profile ofsstc-saml-profiles-2.0-draft-17... line#: comment... --------------------------------------------- 609 am thinking profile label should be "enhanced client or proxy" 610 should offer brief definition of what an ECP is, ie a five-or-six word summary of detailed definition at line# 635. 615 reference (in assn&prot (aka core)?) where name ident establishment is defined. 619 s/can authenticate to/authenticates with/ 631 is it really a "generalization" or is it more a "specific application". I'm thinking the latter is a better characterization. 632 is "section 4.1" a xref? ie will it be automagically updated if section 4.1's section# changes? 632 s/makes reference/makes explicit references/ 632 s/to it in a number of respects/to it/ 632 s/profile/profile,/ 633 deleted the parens, retaining the phrase within them. 635 s/is a client or proxy that/is one that/ 636 s/knowledge about the/information about which/ 636 s/associated with the client/wielding the ECP/ 637 s/wishes to use with the service provider/wishes to use given the service provider/ 638 s/a service provider/service providers/ 638 s/to make an authentication request to such a client/to simply make authentication requests directly to the ECP/ 640 s/browser profile/browser SSO profile/ (use xref?) 640 <need a blank line after line# 640> 641.... (lots more copy-edit comments) hmmm. maybe in terms of the detailed I should just copy-edit this section and put it out for review? Or were u going to go thru it in detail Scott? My understanding is that you haven't yet done so, thus the present roughness. some larger-grained comments... 1. We should re-number the steps in the profile since there are steps -- such as the IDP or ECP or SP doing something -- that are called out in the revised diagram (see the first figure in the sstc-saml-profiles-2.0-figures-02.pdf file, which I just filed in Kavi [1]). 2. having the rather long and detailed subsections describing header block composition interspersed amongst the descriptions of the protocol steps is suboptimal (to me) -- it interferes with understanding the profile's stepwise flow. I suggest having a subsection with the protocol step definitions (as sub-sub-sections) and then having another subsection describing the header blocks, and xref from the former into the latter as necessary. JeffH [1] sstc-saml-profiles-2.0-figures-02.pdf http://www.oasis-open.org/apps/org/workgroup/security/download.php/8263/sstc-saml-profiles-2.0-figures-02.pdf
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]