OASIS Mailing List Archives

security-services message


Subject: Re: [security-services] Groups - draft-sstc-saml-idp-discovery-02.pdf uploaded


- [line 98] s/interesting/useful/

- [line 192] s/Request/Response/

- [line 204] s/not determined,/not determined, or the discovery
service declines to provide one,/


- I think this is more a "profile" than a "protocol".  Section 2.1
seems to support that contention.  Does it make more sense to call
this the "Identity Provider Discovery Service Profile"?

- Early in section 2, can you list the steps in one place, at the
beginning?  Also, can you include a flow diagram that shows how the
Discovery Service fits into the larger Web SSO Profile?

- What happens if the 'return' URL already has a query string
parameter named 'entityID' (or the value of 'returnIDParam', if
present)?  In other words, shouldn't the query string parameter on the
'return' URL be suitably restricted to prevent parameter name clashes?
What should the DS do if such a collision occurs?

- The purpose of the 'returnIDParam' parameter is confusing at first.
Can the brief explanation on lines 175--176 be clarified?  (Sorry, I
don't have anything to offer at this point.)

- There is no mention of metadata in section 2.4.3.  If the DS uses
metadata to authorize an SP, the instructions in section 2.4.3
(especially lines 198--200) need to be modified.

- In section 2.5, what happens if the DS is unable to match the value
of the 'return' parameter with a location in metadata?

Tom Scavo
NCSA/University of Illinois

On 13 Feb 2007 04:52:40 -0000, cantor.2@osu.edu <cantor.2@osu.edu> wrote:
> The document named draft-sstc-saml-idp-discovery-02.pdf has been submitted
> by Scott Cantor to the OASIS Security Services (SAML) TC document
> repository.
> Document Description:
> Draft 02, incorporated technical feedback.
> View Document Details:
> http://www.oasis-open.org/apps/org/workgroup/security/document.php?document_id=22375
> Download Document:
> http://www.oasis-open.org/apps/org/workgroup/security/download.php/22375/draft-sstc-saml-idp-discovery-02.pdf
> PLEASE NOTE:  If the above links do not work for you, your email application
> may be breaking the link into two pieces.  You may be able to copy and paste
> the entire link address into the address field of your web browser.
> -OASIS Open Administration
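
Added example (not part of the original message or of the draft): one way a DS could answer the two open questions above about the 'return' URL. The policy is an assumption: refuse a 'return' URL that matches no registered location, and refuse one that already carries the identifier parameter. The function name, error class and example.org URLs are hypothetical.

```python
from urllib.parse import urlsplit, urlunsplit, parse_qsl, urlencode


class DiscoveryError(ValueError):
    """Raised when the DS refuses to redirect to the supplied 'return' URL."""


def build_ds_redirect(return_url, entity_id, registered_locations,
                      return_id_param=None):
    """Build the URL the DS redirects the browser to, or raise DiscoveryError.

    registered_locations: return locations accepted for this SP (assumed to
    be taken from the SP's metadata). entity_id is None when no IdP was
    determined or the DS declines to provide one.
    """
    # Parameter name is 'entityID' unless the SP supplied 'returnIDParam'.
    param = return_id_param or "entityID"
    parts = urlsplit(return_url)
    if parts.scheme not in ("http", "https") or not parts.netloc:
        raise DiscoveryError("return URL is not an absolute http(s) URL")

    # Assumed matching rule: compare the URL without query or fragment
    # against the registered locations, exact string match.
    base = urlunsplit((parts.scheme, parts.netloc, parts.path, "", ""))
    if base not in registered_locations:
        raise DiscoveryError("return URL matches no registered location")

    # parse_qsl percent-decodes names, so 'entity%49D' is caught as well.
    query = parse_qsl(parts.query, keep_blank_values=True)
    if any(name == param for name, _ in query):
        raise DiscoveryError(f"return URL already has a {param!r} parameter")

    if entity_id is not None:
        query.append((param, entity_id))
    # The fragment is dropped; existing parameters keep their order.
    return urlunsplit((parts.scheme, parts.netloc, parts.path,
                       urlencode(query), ""))


if __name__ == "__main__":
    # Constructed sample input.
    locations = {"https://sp.example.org/ds-return"}
    print(build_ds_redirect("https://sp.example.org/ds-return?target=abc",
                            "https://idp.example.org/idp", locations))
```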
