OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: FW: Error in simplesign document


Forwarded on behalf of Rob.

 

Hal

 


From: Philpott, Robert [mailto:robert.philpott@rsa.com]
Sent: Tuesday, December 11, 2007 11:28 AM
To: Hal Lockhart
Subject: Error in simplesign document

 

Hi Hal…

 

EMC has changed our outward-facing email addresses from rsasecurity.com to rsa.com, so I can't post to the list.  I'm working with OASIS to get this resolved.  In the meantime, I tried to post the following, but got rejected for not being a member :-(.  Can you please post it for me?

 

Thanks,

 

Rob Philpott

RSA, the Security Division of EMC
Senior Technologist  |  e-Mail: rphilpott@rsa.com  |  Office: +1 781-515-7115  |  Mobile: +1 617-510-0893

 

------------------------------------------------

I was just looking at the PDF for the simple signing spec and noticed

that on line 200, the reference to XML-Sig is missing.  The text is

"that binding, SAML protocol messages and/or SAML assertions are signed

using , which is an XML-". There should be an "[XMLSig]" reference

before the comma.

 

It's also missing in the HTML (no surprise).

 

Rob Philpott

RSA, the Security Division of EMC
Senior Technologist  |  e-Mail: rphilpott@rsa.com  |  Office: +1 781-515-7115  |  Mobile: +1 617-510-0893

 

 

> -----Original Message-----

> From: Mary McRae [mailto:marypmcrae@gmail.com] On Behalf Of Mary McRae

> Sent: Monday, December 10, 2007 11:30 PM

> To: members@lists.oasis-open.org; tc-announce@lists.oasis-open.org

> Cc: 'OASIS SSTC'

> Subject: [security-services] Public Review of SAML Specifications

>=20

> To OASIS members, Public Announce Lists:

>=20

> The OASIS Security Services (SAML) TC has recently approved the

following

> specifications as Committee Drafts and approved each of the following

five (5)

> specifications for public review:

>=20

> 1. SAMLv2.0 HTTP POST "SimpleSign" Binding

> 2. Identity Provider Discovery Service Protocol and Profile

> 3. SAML V2.0 Attribute Sharing Profile for X.509 Authentication-Based

Systems

> 4. SAML V2.0 Deployment Profiles for X.509 Subjects

> 5. SAML V2.0 LDAP/X.500 Attribute Profile

>=20

> The public review starts today, 11 December 2007, and ends 9 February

2008.

> This

> is an open invitation to comment. We strongly encourage feedback from

> potential

> users, developers and others, whether OASIS members or not, for the

sake of

> improving the interoperability and quality of OASIS work. Please feel

free to

> distribute this announcement within your organization and to other

appropriate

> mail lists.

>=20

> More non-normative information about the specification and the

technical

> committee may be found at the public home page of the TC at

> http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=3Dsecurity.

Comments

> may be submitted to the TC by any person through the use of the OASIS

TC

> Comment

> Facility which can be located via the button marked "Send A Comment"

at the

> top

> of that page, or directly at

> 

http://www.oasis-open.org/committees/comments/index.php?wg_abbrev=3Dsecur=

i

ty.

>=20

> Submitted comments (for this work as well as other works of that TC)

are

> publicly archived and can be viewed at

> http://lists.oasis-open.org/archives/security-services-comment/. All

comments

> submitted to OASIS are subject to the OASIS Feedback License, which

ensures

> that

> the feedback you provide carries the same obligations at least as the

> obligations of the TC members.

>=20

> The specification document and related files are available here:

>=20

> 1. SAMLv2.0 HTTP POST "SimpleSign" Binding

> Editable Source:

> 

http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-binding-simpl

esign-

> cd

> -02.odt

> PDF:

> 

http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-binding-simpl

esign-

> cd

> -02.pdf

> HTML:

> 

http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-binding-simpl

esign-

> cd

> -02.html

>=20

> 2. Identity Provider Discovery Service Protocol and Profile

> Editable Source:

> 

http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-idp-discovery

-cd-

> 02.o

> dt

> PDF:

> 

http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-idp-discovery

-cd-

> 02.p

> df

> HTML:

> 

http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-idp-discovery

-cd-

> 02.h

> tml

> Schema:

> 

http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-idp-discovery

-cd-

> 02.p

> df

>=20

> 3. SAML V2.0 Attribute Sharing Profile for X.509 Authentication-Based

Systems

> Editable Source:

> 

http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-x509-authn-at

trib-

> pro

> file-cd-04.odt

> PDF:

> 

http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-x509-authn-at

trib-

> pro

> file-cd-04.pdf

> HTML:

> 

http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-x509-authn-at

trib-

> pro

> file-cd-04.html

>=20

> 4. SAML V2.0 Deployment Profiles for X.509 Subjects

> Editable Source:

> 

http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml2-profiles-dep

loy-

> x509

> -cd-02.odt

> PDF:

> 

http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml2-profiles-dep

loy-

> x509

> -cd-02.pdf

> HTML:

> 

http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml2-profiles-dep

loy-

> x509

> -cd-02.html

> Schema:

> 

http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml2-profiles-dep

loy-

> x509

> .xsd

>=20

> 5. SAML V2.0 LDAP/X.500 Attribute Profile

> Editable Source:

> 

http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-attribute-x50

0-cd-

> 02.

> odt

> PDF:

> 

http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-attribute-x50

0-cd-

> 02.

> pdf

> HTML:

> 

http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-attribute-x50

0-cd-

> 02.

> html

>=20

> OASIS and the Security Services (SAML) TC welcome your comments.

>=20

>=20

> ---------------------------------------------------

> Mary P McRae

> Manager of TC Administration, OASIS

> email: mary.mcrae@oasis-open.org

> web: www.oasis-open.org

>=20

>=20

> ---------------------------------------------------------------------

> To unsubscribe from this mail list, you must leave the OASIS TC that

> generates this mail.  You may a link to this group and all your TCs in

OASIS

> at:

> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php

>=20

 

 



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]