[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: 15-day public review or 60-day public review?
On last Tuesday's concall (2007-09-25), a number of questions regarding the SAML V2.0 Attribute Sharing Profile for X.509 Authentication-Based Systems and the SAMLv2.0 HTTP POST "SimpleSign" Binding were raised. Before I try to answer these questions, I'd like to suggest that we try to use the wiki more effectively. Document editors of course should try to keep the wiki topics up to date. It might also be useful if we routinely passed wiki links to OASIS administrators, rather than direct links into kavi. This makes it easier to accumulate required and requested information all in one place. Anyway, I updated the wiki topics for the Attribute Sharing Profile and the SimpleSign Binding: http://wiki.oasis-open.org/security/SstcSamlX509AuthnAttribProfile http://wiki.oasis-open.org/security/SimpleSignBinding Okay, now let me try to answer the questions that were raised on the call: > 3.2 Docs pending public review > > Pending 15 Day Review > *SAML V2.0 Attribute Sharing Profile for X.509 Authentication-Based > Systems (CD 04) > *SAMLv2.0 HTTP POST "SimpleSign" Binding (CD 02) > > The following are needed. > > 1. The dates of the original 60-day review, including a link to the > announcement For the Attribute Sharing Profile, a link was added to the wiki. For the SimpleSign Binding, I can find no record of it ever having gone through a 60-day public review. Does anyone recall when this might have happened? > 2. The comment resolution log of any reported issues > > 3. A change-marked copy of the spec noting the differences from the > version submitted for the 60-day public review. Since the Attribute Sharing Profile has gone through so many revisions since it went to public review (see the wiki), a diff would be essentially worthless. For this reason, and since I can't find any record of the SimpleSign Binding having gone through public review, perhaps we should request 60-day public review periods for both of these documents (and in fact, all four documents currently in the pipeline). What do you think? > Need work on conformance sections: > > SAML V2.0 Attribute Sharing Profile for X.509 Authentication-Based > Systems - contains no conformance section This is incorrect. See section 6 of CD-04 linked in the wiki. > SAMLv2.0 HTTP POST "SimpleSign" Binding - contains an inadequate > conformance > section: > "A specification that is approved by the TC at the Public Review Draft, > Committee Specification or OASIS Standard level must include a separate > section, listing a set of numbered conformance clauses, to which any > implementation of the specification must adhere in order to claim > conformance to the specification (or any optional portion thereof)." I'm guessing this means the conformance clauses need to be contained in their own top-level section. Tom
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]