RE: [security-services] Conformance document questions

["Mishra, Prateek" <pmishra@netegrity.com>]

Hi Rich,

Thanks for your comments, they were also discussed on the November 23
conference call. I have an action to respond with a proposal:

[r$]
Table 4 only discusses responder conformance requirements, but does not 
define ny request requirements.  I suppose you could turn "must process"

on the responder into "must send" on the server, but is that the intent;

if so, it should be made explicit. Or is requestor conformance currently

unspecified by design?
[/r$]


On the conference call there was a consensus that "SAML Responder"
should be replaced by "SAML Authority" and an additional operational
mode called "SAML Requestor" be introduced into the conformance
document. This terminology is first introduced in Section 6 of Profiles
wherein Figure 6 uses the terms "Requesting System Entity" and "SAML
Authority". The profiles document will be updated by replacing
"Requesting System Entity" by "SAML Requestor".


I will introduce an operational mode called "SAML Requestor" (new column
in Table 4). All of the features (rows of Table 4) will be optional for
SAML requestors. The idea here is to provide terminology to support
statements of the type "Does your product implement the SAML requestor
role with feature XXX"?. 


[r$]
The Identity Provider proxy references section 3.4.1.6 of the core; 
should that be 3.4.1.5 (since .6 doesn't exist)?
[/r$]

Agreed, this is an obsolete reference and I will update to 3.4.1.5.

-- prateek