[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Proposed Interop for ws-sx examples document
To: WS-SX TC members:|
Based on action item from the 7/23 ws-sx minutes:
We are planning (proposing) to have a virtual interop during the week
of Sep 22-26 for the ws-sx examples document.
Below is a tidied up copy of the full table of contents. From that list the
following have been selected as the initial candidates for this Interop. These
are subject to revision at the agreement of the participating parties. It is
expected that if this first Interop goes well then there will be subsequent
Interops to test additional scenarios. (Possibly this effort can lead to an
eventual participation in a generally available Interop test network with
a focus on security.)
The intent is to pick scenarios that vendors support and are interested in
promoting for customer use. We will also consider adding new scenarios not
included in the doc if there is significant interest in that. Similarly, the existing
examples can be molded to meet current practice if discrepancies are found.
The "flavor" of these scenarios is primarily straight WS-Security with WS-SP policies
applied. However, there is one scenario that includes WS-Trust (188.8.131.52 (the ws-sx
interop scenario) and one with WS-SecureConversation (2.4.1).
184.108.40.206 UsernameToken with timestamp, nonce and password hash 15 220.127.116.11 (WSS 1.0) Encrypted UsernameToken with X.509v3 23 2.1.4 (WSS 1.1), User Name with Certificates, Sign, Encrypt 27 18.104.22.168 (WSS1.0) Mutual Auth, X.509 Certs, Symmetric Encrypt 38 2.2.4 (WSS1.1) Mutual Auth with X.509 Cert, Sign, Encrypt 46 22.214.171.124 (WSS1.1) SAML1.1/2.0 SV w X.509 Cert, Sign, Encr 83 126.96.36.199 (WSS1.1) SAML1.1/2.0 HK, Sign, Encrypt (Needs STS) 89 2.4.1 (WSS 1.0) Sec Conv bootstrap by Mut Auth w X.509 Certs 114 The selections were loosely based on the level of interest shown during the TC by various contributors. They also represent a good cross-section of the capabilities and include some of the more difficult examples. As indicated above, it is intended that the participants agree on the scenarios selected, so the initial task will be to agree on the objectives. If at least 2 participants are willing to do an example then it should be included. Please send an email to me directly to indicate interest and copy anyone else in the TC (or the whole TC) if you want others to know of your initial interest (i.e. willing to listen to tentative conditional interest levels as well, since the initial purpose of this email is to gauge the interest to try to establish critical mass - date will be flexible if there is interest in a "better" date). Suggestions are welcome. Thanks, Rich
2 Scenarios 13 2.1 UsernameToken 13 2.1.1 UsernameToken – no security binding 13 188.8.131.52 UsernameToken with plain text password 13 184.108.40.206 UsernameToken without password 14 220.127.116.11 UsernameToken with timestamp, nonce and password hash 15 2.1.2 Use of SSL Transport Binding 16 18.104.22.168 UsernameToken as supporting token 17 2.1.3 (WSS 1.0) UsernameTok w Mut X.509v3 Auth, Sign, Encrypt 19 22.214.171.124 (WSS 1.0) Encrypted UsernameToken with X.509v3 23 2.1.4 (WSS 1.1), User Name with Certificates, Sign, Encrypt 27 2.2 X.509 Token Authentication Scenario Assertions 31 2.2.1 (WSS1.0) X.509 Certificates, Sign, Encrypt 31 2.2.2 (WSS1.0) Mutual Auth with X.509 Certs, Sign, Encrypt 34 126.96.36.199 (WSS1.0) Mutual Auth, X.509 Certs, Symmetric Encrypt 38 2.2.3 (WSS1.1) Anonymous with X.509 Cert, Sign, Encrypt 42 2.2.4 (WSS1.1) Mutual Auth with X.509 Cert, Sign, Encrypt 46 2.3 SAML Token Authentication Scenario Assertions 52 2.3.1 WSS 1.0 SAML Token Scenarios 54 188.8.131.52 (WSS1.0) SAML1.1 Assertion (Bearer) 54 184.108.40.206 (WSS1.0) SAML1.1 Assertion (Sender Vouches (SV)) on SSL 56 220.127.116.11 (WSS1.0) SAML1.1 Assertion (Holder of key (HK)) on SSL 59 18.104.22.168 (WSS1.0) SAML1.1 (SV) w X.509 Cert, Sign, Option Encr 60 22.214.171.124 (WSS1.0) SAML1.1 Holder of Key, Sign, Optional Encrypt 66 2.3.2 WSS 1.1 SAML Token Scenarios 72 126.96.36.199 (WSS1.1) SAML 2.0 Bearer 72 188.8.131.52 (WSS1.1) SAML2.0 Sender Vouches over SSL 76 184.108.40.206 (WSS1.1) SAML2.0 HoK over SSL 78 220.127.116.11 (WSS1.1) SAML1.1/2.0 SV w X.509 Cert, Sign, Encr 83 18.104.22.168 (WSS1.1) SAML1.1/2.0 HK, Sign, Encrypt 89 2.4 Secure Conversation Scenarios 114 2.4.1 (WSS 1.0) Sec Conv bootstrap by Mut Auth w X.509 Certs 114