[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] goal statement thread
Mishra, Prateek wrote: > The goals of the SAML 2.0 effort include: > > (1) addressing issues that have arisen from experience with real-world SAML > 1.0 and SAML 1.1 implementations, > > (2) expanding the scope of the SAML specification to address features such > as identity > federation, session > context, metadata exchange, authentication services, plus > specify new > SAML profiles that make use of them, such as B2B, A2A, back-office > profiles. > > (3) addressing issues that have arisen from the development of other > security specifications that make use of SAML 1.X, such as WS-Security and > XACML > > (4) incorporation of the Liberty Alliance ID-FF v1.1 and v1.2 > specifications as foundation specifications. People will notice that I played with this text a bit in the FAQ. I was trying to fix a couple of problems I perceived: Point #2 is too specific about profiles; we still have to go through a use-case acceptance phase for the non-ID-FF work items around this. Also, points #2 and #4 seem to overlap a bit because of the Liberty connection of many of the new features. And #1 and #2 are sort of similar in nature as well. What do people think of this new formulation? What's below is an update of the FAQ text. The first goal is essentially about maturity and interoperability, and the second goal is about the natural feature arc of SAML. ======== The goals of the SAML 2.0 effort include: o Addressing issues and enhancement requests that have arisen from experience with real-world SAML implementations and with standards architectures that use SAML, such as the OASIS WSS and XACML work. o Adding support for features that were deferred from previous versions of SAML for schedule reasons, such as session support, the exchange of metadata to ensure more interoperable interactions, and collection of credentials. This support will be based on the Liberty Alliance ID-FF V1.1 [and V1.2?] specifications that were contributed to the TC. ======== I think we need to make a decision on the official goal statement pretty soon, as the FAQ and other materials will want to use it. Eve p.s. Has *everyone* doublechecked with their OASIS voting rep about their SAML V1.1 vote being recorded????? -- Eve Maler +1 781 442 3190 Sun Microsystems cell +1 781 354 9441 Web Products, Technologies, and Standards eve.maler @ sun.com ********************************************************************** SunNetwork 2003 Conference and Pavilion http://www.sun.com/sunnetwork September 16-18, 2003 Moscone Center, San Francisco An unparalleled event in network computing! Make the net work for you!
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]