FYI OASIS has announced a 60-day public review period for a group of five specifications being considered by the SSTC. Three of those specifications involve attributes. Of particular interest to this group is the SAML V2.0 Deployment Profiles for X.509 Subjects, which underlies the OGSA Attribute Exchange Profile (a new version of which Valerio uploaded to gridforge this morning). Also of interest is the SAML V2.0 Attribute Sharing Profile for X.509 Authentication-Based Systems, which supports the same use case as the SAML V2.0 Deployment Profiles for X.509 Subjects but has a different emphasis. Of course your comments are encouraged. Note that the OASIS TC process requires that all comments be given full consideration before the specification can proceed in committee. Thanks, Tom Scavo NCSA ---------- Forwarded message ---------- From: Mary McRae <mary.mcrae@oasis-open.org> Date: Dec 10, 2007 11:30 PM Subject: [security-services] Public Review of SAML Specifications To: members@lists.oasis-open.org, tc-announce@lists.oasis-open.org Cc: OASIS SSTC <security-services@lists.oasis-open.org> To OASIS members, Public Announce Lists: The OASIS Security Services (SAML) TC has recently approved the following specifications as Committee Drafts and approved each of the following five (5) specifications for public review: 1. SAMLv2.0 HTTP POST "SimpleSign" Binding 2. Identity Provider Discovery Service Protocol and Profile 3. SAML V2.0 Attribute Sharing Profile for X.509 Authentication-Based Systems 4. SAML V2.0 Deployment Profiles for X.509 Subjects 5. SAML V2.0 LDAP/X.500 Attribute Profile The public review starts today, 11 December 2007, and ends 9 February 2008. This is an open invitation to comment. We strongly encourage feedback from potential users, developers and others, whether OASIS members or not, for the sake of improving the interoperability and quality of OASIS work. Please feel free to distribute this announcement within your organization and to other appropriate mail lists. More non-normative information about the specification and the technical committee may be found at the public home page of the TC at http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security. Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility which can be located via the button marked "Send A Comment" at the top of that page, or directly at http://www.oasis-open.org/committees/comments/index.php?wg_abbrev=security. Submitted comments (for this work as well as other works of that TC) are publicly archived and can be viewed at http://lists.oasis-open.org/archives/security-services-comment/. All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. The specification document and related files are available here: 1. SAMLv2.0 HTTP POST "SimpleSign" Binding Editable Source: http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-binding-simplesig... -02.odt PDF: http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-binding-simplesig... -02.pdf HTML: http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-binding-simplesig... -02.html 2. Identity Provider Discovery Service Protocol and Profile Editable Source: http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-idp-discovery-cd-... dt PDF: http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-idp-discovery-cd-... df HTML: http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-idp-discovery-cd-... tml Schema: http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-idp-discovery-cd-... df 3. SAML V2.0 Attribute Sharing Profile for X.509 Authentication-Based Systems Editable Source: http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-x509-authn-attrib... file-cd-04.odt PDF: http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-x509-authn-attrib... file-cd-04.pdf HTML: http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-x509-authn-attrib... file-cd-04.html 4. SAML V2.0 Deployment Profiles for X.509 Subjects Editable Source: http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml2-profiles-deploy-... -cd-02.odt PDF: http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml2-profiles-deploy-... -cd-02.pdf HTML: http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml2-profiles-deploy-... -cd-02.html Schema: http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml2-profiles-deploy-... .xsd 5. SAML V2.0 LDAP/X.500 Attribute Profile Editable Source: http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-attribute-x500-cd.... odt PDF: http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-attribute-x500-cd.... pdf HTML: http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-attribute-x500-cd.... html OASIS and the Security Services (SAML) TC welcome your comments. --------------------------------------------------- Mary P McRae Manager of TC Administration, OASIS email: mary.mcrae@oasis-open.org web: www.oasis-open.org --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. You may a link to this group and all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php