Re: [security-services] Comments on Tech Overview rev 13

["Eve L. Maler" <Eve.Maler@Sun.COM>]

Thanks for your thoughts!  More back at you:

Tom Scavo wrote:
> Good point.  Since this requires a change to the diagram, can I make
> another suggestion (at the risk of being pedantic)?  A flow diagram
> illustrating request-response exchanges should not have an odd number
> of steps.  The culprit in this case is step 2, which is really a pair
> of steps.

It's a pair depending on the binding...  I personally don't think we 
need to hew to this rule.

>> - Sec 4.2.1, lines 1014-1015: It's worth noting that the reasons why
>> the IdP and SP can't communicate could be either technical or
>> nontechnical/"policy-driven".  CardSpace's flows operate on the
>> latter assumption by design.
> 
> But this isn't unique to ECP.

What isn't?  How, then, can we describe the unique value-add better?

>> - Sec 5.1: I think it would be useful and instructive to mention the
>> ID-WSF SecMech-related specs in this section, to give context as to
>> how additional profiling can utilize WS-Security and SAML assertions
>> for a really complete system.
> 
> Wouldn't it be better to give an overview of ID-WSF (good luck!) in a
> separate subsection in section 5.

If people are interested, I'm willing to take a whack at it, having 
done the "ID-WSF Basics" slides recently enough for them to be fresh 
in my mind.

	Eve
-- 
Eve Maler                                         +1 425 947 4522
Technology Director                           eve.maler @ sun.com
CTO Business Alliances group                Sun Microsystems, Inc.