[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] disposition of the HoK profiles
On Sun, Jul 5, 2009 at 1:39 PM, Scott Cantor<cantor.2@osu.edu> wrote: > Tom Scavo wrote on 2009-07-01: >> I may be missing something but this seems like the best way to get the >> HoK Web Browser SSO Profile out the door now without having to >> implicitly depend on the successful completion of the kerberos profiles. >> >> Thoughts? > > My only comment is that I don't think we've had many, if any, specific > examples of specs that we've "revised" following a CS or OS vote. The > exception might be the errata, which is now headed to its second published > revision, but errata are by their nature accumulative. > > It becomes a "signaling" problem at runtime if you have behavior that > changes between V1 and V2 of some spec that's sharing syntax. I guess I don't see the problem. The HoK Web Browser SSO Profile normatively depends on the HoK Assertion Profile. Currently, CD-02 of the former depends on CD-02 of the latter. If we take both of them to CS at the same time, then CS-01 of one depends on CS-01 of the other. So far so good. Now suppose we take CS-01 of the HoK Assertion Profile back through the review cycle. It is anticipated that this will produce CS-02 of the HoK Assertion Profile, but that work is totally independent of CS-01 of the HoK Web Browser SSO Profile. Even if the latter becomes an OASIS standard, it can remain dependent on CS-01 of the HoK Assertion Profile since there's nothing in CS-02 of the latter that has any effect on the HoK Web Browser SSO Profile. I could be missing something, I suppose, but I don't see how we could get into trouble by pushing both HoK profiles to CS at the same time. Tom
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]