[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: FW: Error in simplesign document
Forwarded on behalf of Rob. Hal From: Philpott, Robert
[mailto:robert.philpott@rsa.com] Hi
Hal… EMC
has changed our outward-facing email addresses from rsasecurity.com to rsa.com,
so I can't post to the list. I'm working with OASIS to get this
resolved. In the meantime, I tried to post the following, but got
rejected for not being a member :-(. Can you please post it for me? Thanks, Rob Philpott RSA, the Security Division
of EMC ------------------------------------------------ I
was just looking at the PDF for the simple signing spec and noticed that
on line 200, the reference to XML-Sig is missing. The text is "that
binding, SAML protocol messages and/or SAML assertions are signed using
, which is an XML-". There should be an "[XMLSig]" reference before
the comma. It's
also missing in the HTML (no surprise). Rob Philpott RSA, the Security Division
of EMC >
-----Original Message----- >
From: Mary McRae [mailto:marypmcrae@gmail.com] On Behalf Of Mary McRae >
Sent: Monday, December 10, 2007 11:30 PM >
To: members@lists.oasis-open.org; tc-announce@lists.oasis-open.org >
Cc: 'OASIS SSTC' >
Subject: [security-services] Public Review of SAML Specifications >=20 >
To OASIS members, Public Announce Lists: >=20 >
The OASIS Security Services (SAML) TC has recently approved the following >
specifications as Committee Drafts and approved each of the following five
(5) >
specifications for public review: >=20 >
1. SAMLv2.0 HTTP POST "SimpleSign" Binding >
2. Identity Provider Discovery Service Protocol and Profile >
3. SAML V2.0 Attribute Sharing Profile for X.509 Authentication-Based Systems >
4. SAML V2.0 Deployment Profiles for X.509 Subjects >
5. SAML V2.0 LDAP/X.500 Attribute Profile >=20 >
The public review starts today, 11 December 2007, and ends 9 February 2008. >
This >
is an open invitation to comment. We strongly encourage feedback from >
potential >
users, developers and others, whether OASIS members or not, for the sake
of >
improving the interoperability and quality of OASIS work. Please feel free
to >
distribute this announcement within your organization and to other appropriate >
mail lists. >=20 >
More non-normative information about the specification and the technical >
committee may be found at the public home page of the TC at >
http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=3Dsecurity. Comments >
may be submitted to the TC by any person through the use of the OASIS TC >
Comment >
Facility which can be located via the button marked "Send A Comment" at
the >
top >
of that page, or directly at > http://www.oasis-open.org/committees/comments/index.php?wg_abbrev=3Dsecur= i ty. >=20 >
Submitted comments (for this work as well as other works of that TC) are >
publicly archived and can be viewed at >
http://lists.oasis-open.org/archives/security-services-comment/. All comments >
submitted to OASIS are subject to the OASIS Feedback License, which ensures >
that >
the feedback you provide carries the same obligations at least as the >
obligations of the TC members. >=20 >
The specification document and related files are available here: >=20 >
1. SAMLv2.0 HTTP POST "SimpleSign" Binding >
Editable Source: > http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-binding-simpl esign- >
cd >
-02.odt >
PDF: > http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-binding-simpl esign- >
cd >
-02.pdf >
HTML: > http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-binding-simpl esign- >
cd >
-02.html >=20 >
2. Identity Provider Discovery Service Protocol and Profile >
Editable Source: > http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-idp-discovery -cd- >
02.o >
dt >
PDF: > http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-idp-discovery -cd- >
02.p >
df >
HTML: > http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-idp-discovery -cd- >
02.h >
tml >
Schema: > http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-idp-discovery -cd- >
02.p >
df >=20 >
3. SAML V2.0 Attribute Sharing Profile for X.509 Authentication-Based Systems >
Editable Source: > http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-x509-authn-at trib- >
pro >
file-cd-04.odt >
PDF: > http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-x509-authn-at trib- >
pro >
file-cd-04.pdf >
HTML: > http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-x509-authn-at trib- >
pro >
file-cd-04.html >=20 >
4. SAML V2.0 Deployment Profiles for X.509 Subjects >
Editable Source: > http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml2-profiles-dep loy- >
x509 >
-cd-02.odt >
PDF: > http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml2-profiles-dep loy- >
x509 >
-cd-02.pdf >
HTML: > http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml2-profiles-dep loy- >
x509 >
-cd-02.html >
Schema: > http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml2-profiles-dep loy- >
x509 >
.xsd >=20 >
5. SAML V2.0 LDAP/X.500 Attribute Profile >
Editable Source: > http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-attribute-x50 0-cd- >
02. >
odt >
PDF: > http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-attribute-x50 0-cd- >
02. >
pdf >
HTML: > http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-attribute-x50 0-cd- >
02. >
html >=20 >
OASIS and the Security Services (SAML) TC welcome your comments. >=20 >=20 >
--------------------------------------------------- >
Mary P McRae >
Manager of TC Administration, OASIS >
email: mary.mcrae@oasis-open.org >
web: www.oasis-open.org >=20 >=20 >
--------------------------------------------------------------------- >
To unsubscribe from this mail list, you must leave the OASIS TC that >
generates this mail. You may a link to this group and all your TCs in OASIS >
at: >
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php >=20 |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]