[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] "Registration" process for third-party SAML customizations
+1. Looks good - thanks Eve. Rob Philpott Senior Consulting Engineer RSA Security Inc. Tel: 781-515-7115 Mobile: 617-510-0893 Fax: 781-515-7020 mailto:firstname.lastname@example.org > -----Original Message----- > From: John Kemp [mailto:email@example.com] > Sent: Tuesday, October 26, 2004 4:07 PM > To: ext Eve L. Maler > Cc: 'firstname.lastname@example.org' > Subject: Re: [security-services] "Registration" process for third-party > SAML customizations > > Hi Eve, > > The only quibble I would have with this statement is that I don't > consider further profiling to be an example of SAML "extensibility". In > most cases, it seems to me that particular groups of SAML users will > wish to further profile the specifications - by creating new protocol > profiles, or new authentication classes. In other cases, groups will > decide to extend the SAML schema (to create new Conditions for example). > > But I guess all I would do to your statement below is to amend the first > couple of sentences to read something like: > > "SAML is designed both for extensibility and general applicability. It > is anticipated that some SAML users may wish to further profile or > extend the SAML specifications, by custom-designing their own protocol > profiles, attribute profiles..." > > - JohnK > > ext Eve L. Maler wrote: > > > Forgot to bring this up on today's call. Any comments? I don't think > > we particularly need to rush to get this settled as long as we do it > > by the time V2.0 is final; it probably needs a quorate discussion, so > > that'll be Nov 9. (I think Mary McRae also wanted a chance to > > convince me that we should be using the OASIS Registry for this...) > > > > Eve > > > > Eve L. Maler wrote: > > > >> Here's the sort of thing I was thinking of adding to the SAML website > >> regarding a "registration" process. What do you all think? > >> > >> ======== > >> SAML Customizations: > >> > >> SAML is designed for extensibility, and it is anticipated that some > >> SAML users will want to custom-design their own profiles, attribute > >> profiles, authentication context classes, and/or extensions as > >> appropriate for their purposes. The SSTC invites third parties who > >> are customizing SAML to notify us of the existence of their > >> documented SAML usage so that we can list and link to the documents > >> on this site. This listing is intended to help other SAML users more > >> easily find and use existing customizations. > >> > >> It is expected that any such customization document adhere to any > >> guidelines set forth in the relevant SAML specification; as one > >> example of a guideline, each profile must be assigned a unique URI. > >> > >> To notify the SSTC of your customization, use the [link: comment > >> form]. The SSTC reserves the right not to list any customization, > >> and no endorsement by the SSTC of any listed customization is implied. > >> > >> If you are an OASIS member and wish to contribute a SAML profile or > >> other customization to the SSTC for consideration in future work on > >> SAML, please refer to the OASIS TC process for the proper way to make > >> a contribution. > >> ======== > >> > >> Eve > > > > > > > To unsubscribe from this mailing list (and be removed from the roster of > the OASIS TC), go to http://www.oasis- > open.org/apps/org/workgroup/security-services/members/leave_workgroup.ph p.