Mary, I like your suggestion and will plan on incorporating it.
Von
Mary Thompson writes (11:35 June 10, 2005):
Von,
The only discord I see in the document is the part about SAML 1.1 vs 2.0. 2.0 was finalized in Mar 2005. Are you going to keep this document dated Feb 2005 and just ignore the fact that it won't be approved until later this summer? Maybe you could change some of the tenses in section 3, e.g. At the time this document was written, SAML 1.1 was the latest version (and we didn't want to wait for SAML 2.0).
Mary
Von Welch wrote:
I've uploaded a new version of the SAML authorization profile (dated today, June 8th, URLs below). This version has a number of corrections in that the previous version of the document had contradictions between sections or underspecification in places. I've confirmed with both the major implementors (Globus and PERMIS) that they both have the same interpretations of the ambiguities and captured those in the new document. A complete list of changes is appended.
Given the scope of changes, I propose that the group be given until the upcoming GGF to comment. Barring substantial comments at that point I propose the document has passed last call and should be advanced.
Von
Word version (with change tracking): https://forge.gridforum.org/docman2/ViewProperties.php?group_id=119&category_id=450&document_content_id=3917
PDF version: https://forge.gridforum.org/docman2/ViewProperties.php?group_id=119&category_id=450&document_content_id=3918
Changes from January 2005 to current version:
* "should" to "SHOULD" in 6.1.2
* Removed editor's comment in 6.1.2
* Updated WSS-X509 reference.
* In Appendix B: Added step about properly URI encoding hash per RFC 1630.
* Updated acknowledgements.
* Numerous minor editorial corrections from Tom Scavo.
* Table 1: Corrected namespace prefixes to be lowercase.
* Clarified second sentence of the second paragraph of 6.1.4.2.
* Section 6.1.5: Changed to reflect renaming of SubjectAttributeReferenceAdvice element.
* Table 1: Corrected ogsa-saml namespace to match with what is in 7.3.
* Section 7.3: Removed unused xmlns:soap namespace.
* Section 7.3: Corrected xmlns:samlp namespace to match what is in Table 1.
* Section 11: Removed reference to "ADF" since it was undefined in this document.
* Section 10: Updated David Chadwick's contact information.
* Section 5.1: Added text clarifying what client should do if they receive an unsigned response when a signed response was requested.
* Section 6.1.2: Clarified between ConfirmationMethod between when authentication was done with proxy certificates and end entity certs.
* Section 6.1.4.1: Added note about moving to qualified name in future version of the document.
--
Mary R. Thompson <MRThompson@lbl.gov>
Secure Grid Technologies Group (510) 486-7408
Lawrence Berkeley National Lab http://dsd.lbl.gov/~mrt