OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ws-sx message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [ws-sx] Proposed Interop for ws-sx examples document


Yes, IBM will participate given that we have time to prepare, so setup the call next week and we will join

Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122

Inactive hide details for "Rich.Levinson" ---08/20/2008 09:44:22 AM---Hi Tony,"Rich.Levinson" ---08/20/2008 09:44:22 AM---Hi Tony,


From:

"Rich.Levinson" <rich.levinson@oracle.com>

To:

Anthony Nadalin/Austin/IBM@IBMUS

Cc:

"ws-sx@lists.oasis-open.org" <ws-sx@lists.oasis-open.org>

Date:

08/20/2008 09:44 AM

Subject:

Re: [ws-sx] Proposed Interop for ws-sx examples document





Hi Tony,

I agree the suggested schedule is aggressive, but as
indicated at end of original email, and on the call, it
is flexible because the objective is to get participation.

I take it from your reply that possibly an October date
with a 2-3 week testing window would be possible for
IBM to participate (see note below - I had not rcvd
your message until after the discussion on the call).

If that is the case, as I mentioned on the call I will plan
a conf call for the end of next week and we can discuss
further details and hopefully additional prospective
participants will join as well. (I will plan to send a
notice of the conf call by end of this week.)

    Thanks,
    Rich

(Note of curiosity on OASIS email behavior: Your email just showed
up in my mailbox (~10:13 EDT 20-Aug-08)
even though it apparently was sent at 10:54PM EDT last night (19-Aug-08)
(which is what my copies say) - maybe the OASIS mail distr
was jammed - since the OASIS time says 20 Aug 2008 14:13:45 -0000.

The only reason I mention it is that during the call a few minutes ago
I rcvd momentary pop up notices that this email had just arrived but didn't
see it in my mailbox until I scrolled back to last night! But the main point
is that when I was talking during the call I hadn't received the email
yet, so it might have seemed strange that I didn't mention receiving
it when it appears it was actually sent last night but not delivered
until the middle of today's call. Just "for the record". - rich)



Anthony Nadalin wrote:


      -------- Original Message --------
       
      Subject:
      Re: [ws-sx] Proposed Interop for ws-sx examples document
      Date:
      Tue, 19 Aug 2008 21:54:38 -0500
      From:
      Anthony Nadalin <drsecure@us.ibm.com>
      To:
      Rich.Levinson <rich.levinson@oracle.com>
      CC:
      ws-sx@lists.oasis-open.org <ws-sx@lists.oasis-open.org>
      References:
      48AB76C1.6080209@oracle.com"><48AB76C1.6080209@oracle.com>




      Rich, that week is way to early, will need more notice to prepare and the
      time length is too short, will need at least 2-3 weeks if done virtual

      Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122


                                                                                                                             
       From:       "Rich.Levinson"
      <rich.levinson@oracle.com>                                                                 
                                                                                                                             
       To:        
      "ws-sx@lists.oasis-open.org" <ws-sx@lists.oasis-open.org>                                                 
                                                                                                                             
       Date:       08/19/2008 08:44 PM                                                                                        
                                                                                                                             
       Subject:    [ws-sx] Proposed Interop for ws-sx examples document.                                                      
                                                                                                                             





      To: WS-SX TC members:

      Based on action item from the 7/23 ws-sx minutes:
      http://lists.oasis-open.org/archives/ws-sx/200807/msg00035.html

      We are planning (proposing) to have a virtual interop during the week
      of Sep 22-26 for the ws-sx examples document.


      http://www.oasis-open.org/committees/document.php?document_id=28909&wg_abbrev=ws-sx


      Below is a tidied up copy of the full table of contents. From that list the
      following have been selected as the initial candidates for this Interop.
      These
      are subject to revision at the agreement of the participating parties. It
      is
      expected that if this first Interop goes well then there will be subsequent
      Interops to test additional scenarios. (Possibly this effort can lead to an
      eventual participation in a generally available Interop test network with
      a focus on security.)

      The intent is to pick scenarios that vendors support and are interested in
      promoting for customer use. We will also consider adding new scenarios not
      included in the doc if there is significant interest in that. Similarly,
      the existing
      examples can be molded to meet current practice if discrepancies are found.

      The "flavor" of these scenarios is primarily straight WS-Security with
      WS-SP policies
      applied. However, there is one scenario that includes WS-Trust (2.3.2.5
      (the ws-sx
      interop scenario) and one with WS-SecureConversation (2.4.1).

      2.1.1.3   UsernameToken with timestamp, nonce and password hash
      15
      2.1.3.1   (WSS 1.0) Encrypted UsernameToken with X.509v3             23
      2.1.4   (WSS 1.1), User Name with Certificates, Sign, Encrypt
      27

      2.2.2.1   (WSS1.0) Mutual Auth, X.509 Certs, Symmetric Encrypt
      38
      2.2.4   (WSS1.1) Mutual Auth with X.509 Cert, Sign, Encrypt          46

      2.3.2.4   (WSS1.1) SAML1.1/2.0 SV w X.509 Cert, Sign, Encr           83
      2.3.2.5   (WSS1.1) SAML1.1/2.0 HK, Sign, Encrypt (Needs STS)
      89

      2.4.1   (WSS 1.0) Sec Conv bootstrap by Mut Auth w X.509 Certs
      114

      The selections were loosely based on the level of interest shown
      during the TC by various contributors. They also represent a good
      cross-section of the capabilities and include some of the more
      difficult examples. As indicated above, it is intended that the
      participants agree on the scenarios selected, so the initial task
      will be to agree on the objectives. If at least 2 participants are
      willing to do an example then it should be included.

      Please send an email to me directly to indicate interest and copy
      anyone else in the TC (or the whole TC) if you want others to know
      of your initial interest (i.e. willing to listen to tentative
      conditional interest levels as well, since the initial purpose
      of this email is to gauge the interest to try to establish critical
      mass - date will be flexible if there is interest in a "better" date).

      Suggestions are welcome.

                  Thanks,
                  Rich



      2 Scenarios
                    13

      2.1   UsernameToken
                    13
      2.1.1   UsernameToken – no security binding
        13
      2.1.1.1   UsernameToken with plain text password
      13
      2.1.1.2   UsernameToken without password
      14
      2.1.1.3   UsernameToken with timestamp, nonce and password hash
      15
      2.1.2   Use of SSL Transport Binding
              16
      2.1.2.1   UsernameToken as supporting token
        17
      2.1.3   (WSS 1.0) UsernameTok w Mut X.509v3 Auth, Sign, Encrypt
      19
      2.1.3.1   (WSS 1.0) Encrypted UsernameToken with X.509v3             23
      2.1.4   (WSS 1.1), User Name with Certificates, Sign, Encrypt
      27

      2.2   X.509 Token Authentication Scenario Assertions
      31
      2.2.1   (WSS1.0) X.509 Certificates, Sign, Encrypt
      31
      2.2.2   (WSS1.0) Mutual Auth with X.509 Certs, Sign, Encrypt
      34
      2.2.2.1   (WSS1.0) Mutual Auth, X.509 Certs, Symmetric Encrypt
      38
      2.2.3   (WSS1.1) Anonymous with X.509 Cert, Sign, Encrypt            42
      2.2.4   (WSS1.1) Mutual Auth with X.509 Cert, Sign, Encrypt          46

      2.3   SAML Token Authentication Scenario Assertions
      52
      2.3.1   WSS 1.0 SAML Token Scenarios
              54
      2.3.1.1   (WSS1.0) SAML1.1 Assertion (Bearer)
        54
      2.3.1.2   (WSS1.0) SAML1.1 Assertion (Sender Vouches (SV)) on SSL 56
      2.3.1.3   (WSS1.0) SAML1.1 Assertion (Holder of key (HK)) on SSL  59
      2.3.1.4   (WSS1.0) SAML1.1 (SV) w X.509 Cert, Sign, Option Encr
      60
      2.3.1.5   (WSS1.0) SAML1.1 Holder of Key, Sign, Optional Encrypt  66
      2.3.2   WSS 1.1 SAML Token Scenarios
              72
      2.3.2.1   (WSS1.1) SAML 2.0 Bearer
        72
      2.3.2.2   (WSS1.1) SAML2.0 Sender Vouches over SSL
      76
      2.3.2.3   (WSS1.1) SAML2.0 HoK over SSL
              78
      2.3.2.4   (WSS1.1) SAML1.1/2.0 SV w X.509 Cert, Sign, Encr           83
      2.3.2.5   (WSS1.1) SAML1.1/2.0 HK, Sign, Encrypt
      89

      2.4   Secure Conversation Scenarios
       114
      2.4.1   (WSS 1.0) Sec Conv bootstrap by Mut Auth w X.509 Certs
      114

       



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]