OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [security-services] Discussion of Future Work of the SSTC

..and let's not forget things that are in the pipeline and/or not yet explicit in the spec.  To name but two..

1)	NoXMLdsig still in draft. Great idea and one we will probably take up.

2)	IdP proxy (IdP extended) in the spec but not explicitly profiled..maybe not a big 	job but one that would make the SSO profiles more complete (Help me out here Rob..) 

I'm surprised we are even debating the issue.  If this standard is to become ubiquitous, as I'm sure we all want it to be, it needs to be maintained and refreshed as time goes on. Example: Do we really know, today, how a mature Web 2.0 implementation might give rise to modified approaches in SAML 2.0?

I appreciate that this is may be interpreted as "shouting from the sidelines", as the NZ government has not played much of a role in this TC....mostly because we do not yet have the expertise to meaningfully contribute, and meantime hang onto the coat-tails of others. But hopefully that will change once we upgrade from SAML 1.1 and implement SAML 2.0 which is why we are getting more involved in Liberty as well. While not exactly "betting the farm" on SAML v2.0 it's one very big decision for a government (even of our small size) to make for all its online strategy going forward, and for our part we would really and truly appreciate it if the momentum continued.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]