[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] New work product requests submitted
Hi Scott - The tickets are all there. The JIRA notification gap is annoying but you can always check the current queue from the 'Active Support Requests' link on the TC Admin home page (http://www.oasis-open.org/resources/tcadmin). Regarding the conformance clauses, this is the first time I have seen the idea come up. My initial reaction is this: if you envision this as one large multi-part work product - that is, that core, bindings, profiles,etc. are all going to be parts of 'SAML 2.1' then (a) we'll need to think about some master overview document to point to all the parts and (b) a separate conformance clauses document is fine. If each is considered a stand-alone spec however - that is, if SAML 2.1 Bindings could become an OASIS Standard all by itself - then the current rules call for it to have its own conformance section. I can take up the question of having a conformance CS document that all other CSes would normatively reference. It is an interesting idea & I can see pluses and minuses to it worth thinking through. Best, /chet On Tue, Sep 11, 2012 at 9:32 PM, Cantor, Scott <cantor.2@osu.edu> wrote: > Jira notifications may not be working at the moment, but I submitted work > product requests for all of the original standard documents: > > Assertions and Protocols (saml-core-2.1) > Bindings (saml-bindings-2.1) > Profiles (saml-profiles-2.1) > Metadata (saml-metadata-2.1) > Authentication Context (saml-authn-context-2.1) > Conformance Requirements (saml-conformance-2.1) > Security and Privacy Requirements (saml-sec-consider-2.1) > Glossary (saml-glossary-2.1) > > I don't know if that's going to be the final set we want, I'm guessing > maybe not, but I can start getting the material in order at least. > > Does the new process allow us to have a separate Conformance document? > > A couple of thoughts I had: > > Glossary? How much work to put in? My big complaint was that we mostly > dropped it entirely before we ever finished 2.0 and I don't think it's in > very good shape. Not sure having a bad or incomplete glossary helps much. > My thinking is we should take out some of the more conceptual stuff in > there or attempts to define industry concepts and focus on defining *SAML* > terms that are in the other documents as much as possible. > > Given actual use of Authn Context, are there aspects of that we should > deprecate? Move the LOA profile document into the AC spec? > > How should Profiles really be organized? I noted a couple of ideas: > > I'd like to move the confirmation method stuff into core because it seems > to me to be along the lines of the other identifier sections in core and > gets reused by various things. > > I wonder if the attribute profile material might be put into a separate > document together with other post-2.0 work around attributes. > > -- Scott > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: security-services-unsubscribe@lists.oasis-open.org > For additional commands, e-mail: security-services-help@lists.oasis-open.org > -- /chet ---------------- Chet Ensign Director of Standards Development and TC Administration OASIS: Advancing open standards for the information society http://www.oasis-open.org Primary: +1 973-996-2298 Mobile: +1 201-341-1393 TC Administration information and support is available at http://www.oasis-open.org/resources/tcadmin Follow OASIS on: LinkedIn: http://linkd.in/OASISopen Twitter: http://twitter.com/OASISopen Facebook: http://facebook.com/oasis.open
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]