OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [security-services] SAML 2.1 Protocol Reorg Idea

On 12/31/12 10:04 AM, "La Joie, Chad" <Chad.LaJoie@covisint.com> wrote:
>Let's pick on SSO as an example.  The idea would be to create an SSO
>Profile document that consisted of Core section3.4[1] and Profile
>sections 4.2 and 4.2[1].  Such a document, I think, would provide an
>implementer a more comprehensive view of what it takes to implement the
>SSO function.  A more detailed discussion on the use of metadata could
>also be added.  People wishing to extend or reuse the SSO protocol, or
>its elements, can continue to do so but will point to this document
>instead of the core and protocol documents.

I think there are two main problems with that approach:

- dealing with the bindings
- avoiding duplication of material

Metadata is also something of a concern but is more or less included in
the second of those.

The original document design was primarily focused not on approachability
but composability so that material wouldn't get duplicated. The assumption
was that the best way to deal with approachability was not in specs but in
separate documentation explaining things. I don't think we will ever have
such documentation, but I'm still not sure that duplicating so much
material is a good idea either.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]