[OGSA-AUTHZ] Fwd: [security-services] Public Review of SAML Specifications

[Tom Scavo]

FYI

OASIS has announced a 60-day public review period for a group of five
specifications being considered by the SSTC.  Three of those
specifications involve attributes.  Of particular interest to this
group is the SAML V2.0 Deployment Profiles for X.509 Subjects, which
underlies the OGSA Attribute Exchange Profile (a new version of which
Valerio uploaded to gridforge this morning).  Also of interest is the
SAML V2.0 Attribute Sharing Profile for X.509 Authentication-Based
Systems, which supports the same use case as the SAML V2.0 Deployment
Profiles for X.509 Subjects but has a different emphasis.

Of course your comments are encouraged.  Note that the OASIS TC
process requires that all comments be given full consideration before
the specification can proceed in committee.

Thanks,

Tom Scavo
NCSA

---------- Forwarded message ----------
From: Mary McRae <mary.mcrae at oasis-open.org>
Date: Dec 10, 2007 11:30 PM
Subject: [security-services] Public Review of SAML Specifications
To: members at lists.oasis-open.org, tc-announce at lists.oasis-open.org
Cc: OASIS SSTC <security-services at lists.oasis-open.org>


To OASIS members, Public Announce Lists:

The OASIS Security Services (SAML) TC has recently approved the following
specifications as Committee Drafts and approved each of the following five (5)
specifications for public review:

1. SAMLv2.0 HTTP POST "SimpleSign" Binding
2. Identity Provider Discovery Service Protocol and Profile
3. SAML V2.0 Attribute Sharing Profile for X.509 Authentication-Based Systems
4. SAML V2.0 Deployment Profiles for X.509 Subjects
5. SAML V2.0 LDAP/X.500 Attribute Profile

The public review starts today, 11 December 2007, and ends 9 February 2008. This
is an open invitation to comment. We strongly encourage feedback from potential
users, developers and others, whether OASIS members or not, for the sake of
improving the interoperability and quality of OASIS work. Please feel free to
distribute this announcement within your organization and to other appropriate
mail lists.

More non-normative information about the specification and the technical
committee may be found at the public home page of the TC at
http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security. Comments
may be submitted to the TC by any person through the use of the OASIS TC Comment
Facility which can be located via the button marked "Send A Comment" at the top
of that page, or directly at
http://www.oasis-open.org/committees/comments/index.php?wg_abbrev=security.

Submitted comments (for this work as well as other works of that TC) are
publicly archived and can be viewed at
http://lists.oasis-open.org/archives/security-services-comment/. All comments
submitted to OASIS are subject to the OASIS Feedback License, which ensures that
the feedback you provide carries the same obligations at least as the
obligations of the TC members.

The specification document and related files are available here:

1. SAMLv2.0 HTTP POST "SimpleSign" Binding
Editable Source:
http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-binding-simplesign-cd
-02.odt
PDF:
http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-binding-simplesign-cd
-02.pdf
HTML:
http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-binding-simplesign-cd
-02.html

2. Identity Provider Discovery Service Protocol and Profile
Editable Source:
http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-idp-discovery-cd-02.o
dt
PDF:
http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-idp-discovery-cd-02.p
df
HTML:
http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-idp-discovery-cd-02.h
tml
Schema:
http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-idp-discovery-cd-02.p
df

3. SAML V2.0 Attribute Sharing Profile for X.509 Authentication-Based Systems
Editable Source:
http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-x509-authn-attrib-pro
file-cd-04.odt
PDF:
http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-x509-authn-attrib-pro
file-cd-04.pdf
HTML:
http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-x509-authn-attrib-pro
file-cd-04.html

4. SAML V2.0 Deployment Profiles for X.509 Subjects
Editable Source:
http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml2-profiles-deploy-x509
-cd-02.odt
PDF:
http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml2-profiles-deploy-x509
-cd-02.pdf
HTML:
http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml2-profiles-deploy-x509
-cd-02.html
Schema:
http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml2-profiles-deploy-x509
.xsd

5. SAML V2.0 LDAP/X.500 Attribute Profile
Editable Source:
http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-attribute-x500-cd-02.
odt
PDF:
http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-attribute-x500-cd-02.
pdf
HTML:
http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-attribute-x500-cd-02.
html

OASIS and the Security Services (SAML) TC welcome your comments.


---------------------------------------------------
Mary P McRae
Manager of TC Administration, OASIS
email: mary.mcrae at oasis-open.org
web: www.oasis-open.org


---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail.  You may a link to this group and all your TCs in OASIS
at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php