Re: [security-services] Tech overview: Why the switch to common TLD's in example?

["Tom Scavo" <trscavo@gmail.com>]

I think using *.example.* is okay.  There might be a small problem
with usability but that's outweighed by the following RFC:

http://www.faqs.org/rfcs/rfc2606.html

Just my two cents worth,
Tom

On 2/14/07, Philpott, Robert <rphilpott@rsasecurity.com> wrote:
> I'm okay with avoiding collisions.  But using .net and .com is too
> subtle IMO.  I would have completely missed it myself and would prefer
> sticking to .coms.
>
> What about something like fakeairline.com and fakecarrental.com or
> exampleair.com and examplecars.com?
>
> Rob Philpott
> Senior Technologist
> RSA, The Security Division of EMC
> Tel: 781-515-7115
> Mobile: 617-510-0893
> Fax: 781-515-7020
> Email: rphilpott@rsasecurity.com
>
>
> > -----Original Message-----
> > From: Paul Madsen [mailto:paulmadsen@rogers.com]
> > Sent: Wednesday, February 14, 2007 2:34 PM
> > To: Philpott, Robert
> > Cc: security-services@lists.oasis-open.org
> > Subject: Re: [security-services] Tech overview: Why the switch to
> common
> > TLD's in example?
> >
> > Hi Rob, the change was motivated by concerns over collisions, i.e.
> > http://www.airlineinc.com/
> >
> > We could go to cars.example.net and airline.example.com to avoid your
> > concern (I think Eve actually had implemented this but I must have
> > switched from 'net' to 'com' to avoid changing existing graphics)
> >
> > paul
> >
> > Philpott, Robert wrote:
> > > Sorry if I missed some explicit discussion on this, but I noticed in
> > > this draft, the example web site names were changed.
> "AirlineInc.com"
> > > was changed to "airline.example.com" and "CarRentalInc.com" was
> changed
> > > to "cars.example.com".  I don't think this was a good change to
> make.
> > >
> > > The new example sites are now sharing the same top-level domain name
> > > "example.com".  While it's true that SAML will work in such an
> > > environment, it is not a requirement that sites share the same TLD
> and
> > > we may mislead/confuse readers.  The real power is our ability to
> SSO
> > > across systems in *different* TLD's.
> > >
> > > I recommend switching back to unique TLD's.
> > >
> > > Rob Philpott
> > > Senior Technologist
> > > RSA, The Security Division of EMC
> > > Tel: 781-515-7115
> > > Mobile: 617-510-0893
> > > Fax: 781-515-7020
> > > Email: rphilpott@rsasecurity.com
> > >
> > >
> > >
> > >> -----Original Message-----
> > >> From: paulmadsen@ntt-at.com [mailto:paulmadsen@ntt-at.com]
> > >> Sent: Wednesday, February 14, 2007 2:04 PM
> > >> To: security-services@lists.oasis-open.org
> > >> Subject: [security-services] Groups - sstc-saml-tech-overview-2
> > >>
> > > 0-draft-
> > >
> > >> 12.pdf uploaded
> > >>
> > >> The document revision named sstc-saml-tech-overview-2
> 0-draft-12.pdf
> > >>
> > > has
> > >
> > >> been submitted by Paul Madsen to the OASIS Security Services (SAML)
> TC
> > >> document repository.  This document is revision #1 of
> > >> sstc-saml-tech-overview-2 0-draft-11.pdf.
> > >>
> > >> Document Description:
> > >> Applied most of the edits requested at the 10 Oct 2006 SSTC
> telecon.
> > >>
> > > More
> > >
> > >> to come.
> > >>
> > >> View Document Details:
> > >> http://www.oasis-
> > >> open.org/apps/org/workgroup/security/document.php?document_id=22454
> > >>
> > >> Download Document:
> > >> http://www.oasis-
> > >>
> > >>
> > >
> open.org/apps/org/workgroup/security/download.php/22454/sstc-saml-tech-
> > >
> > >> overview-2%200-draft-12.pdf
> > >>
> > >> Revision:
> > >> This document is revision #1 of sstc-saml-tech-overview-2
> > >>
> > > 0-draft-11.pdf.
> > >
> > >> The document details page referenced above will show the complete
> > >>
> > > revision
> > >
> > >> history.
> > >>
> > >>
> > >> PLEASE NOTE:  If the above links do not work for you, your email
> > >> application
> > >> may be breaking the link into two pieces.  You may be able to copy
> and
> > >> paste
> > >> the entire link address into the address field of your web browser.
> > >>
> > >> -OASIS Open Administration
> > >>
> > >
> > >
> >
> > --
> > Paul Madsen             e:paulmadsen @ ntt-at.com
> > NTT                     p:613-482-0432
> >                         m:613-302-1428
> >                         aim:PaulMdsn5
> >                         web:connectid.blogspot.com
> >
>
>