Re: [security-services] Re: Dutch eID Preso follow up. RE: Proposed Minu

security-services message

Subject: Re: [security-services] Re: Dutch eID Preso follow up. RE: Proposed Minutes for SSTC Call (Nov 25, 2014)

From: Martijn Kaag <martijn.kaag@connectis.nl>

To: "Cantor, Scott" <cantor.2@osu.edu>

Date: Wed, 10 Dec 2014 23:15:57 +0100

Thank you. I know how to proceed.

Can we schedule this as an item for the next meeting Dec 23, 2014?

Met vriendelijke groet,

drs. Martijn Kaag

tel +31 (0) 88 01 20 222 | gsm +31 (0) 6 42 94 00 93 | skype martijn.kaag-connectis

On Wed, Dec 10, 2014 at 10:34 PM, Cantor, Scott <cantor.2@osu.edu> wrote:

On 12/10/14, 9:23 PM, "Martijn Kaag" <martijn.kaag@connectis.nl> wrote:

>Thank you Scott for sharing where you are coming from. That is very
>helpful. I understand what you mean and see the rational for the
>extensions element.

Thanks.

>If I look at the use cases presented by Colin, Ian and Michiel I see very
>simular usecases that are now solved in different ways within the
>boundaries of what the xsd permits (= anything goes with respect to the
>extensions element). Moreover, European eIDAS may introduce other
>requirements as well.

Sure. I'm not saying "just do the bare minimum", but until now the only
real clear requirement was the front-channel query idea, which was really
just requested attributes, and that's a pretty simple task.

>If we can find a common ground, the involved countries want this to be
>part of the formal SAML specification (albeit an optional profile) to
>stimulate out-of-the-box support from vendors. OASIS should be supporting
>this. Can you please advise on how to proceed?

The specification itself is basically a closed item. This is just a new
specification defining one or more extensions, like many before now.
They're Committee Specifications unless somebody actually implements and
attests to it, and then they can ballot to become Standards.

>NB 'nobody to do it' is an issue that can be addressed.

For a 2.1? Maybe, but that's a huge amount of work, and the value is very
limited unless the "bodies" doing it understood all the post 2.0 work that
has been done and were willing to incorporate it. When I offered to work
on it before I had to withdraw, that was the value proposition.

-- Scott

www.connectis.nl | Postbus 975 | 3000 AZ Rotterdam | +31 (0) 88 - 0120 222 | KvK 24444001

Connectis ontwikkelt een nieuw platform en zoekt ervaren software engineers.

Kijk op www.werkenbijconnectis.nl voor meer informatie.

Connectis, FederateNow™ en ZorgverlenerOnline zijn handelsmerken van Connected Information Systems B.V.

Dit e-mailbericht en enige bijlage is uitsluitend bestemd voor de geadresseerde(n) en strikt vertrouwelijk. Aan dit bericht kunnen geen rechten ontleend worden. Op het werk van Connected Information Systems B.V. zijn haar algemene voorwaarden van toepassing.