Security/identity · 2008-06-17

SAML (dot) XML dot org, and a C.f.P.I.

Check it out — OASIS has added a SAML entry to its growing list of XML.org community websites for its Standards (press release), and Sun is a proud sponsor. I’m not exactly sure why there’s a space instead of a dot between the SAML and XML part, but the official name is SAML XML.org.

The Security Services Technical Committee is in the middle of doing a refresh of our original public home page to ensure that there are no missing tidbits of info on the new site. Also check out our working-area wiki if you want to know the status of various docs in progress.

This is also a great juncture to announce a Call for Profiling Intentions. A what?? Let me ‘splain.

In the post-SAML2 era the SSTC has fielded many requests to take up profiles, bindings, and extensions based on real-world experience — things like SimpleSign for less digital signing overhead, an alternative method for IdP Discovery, and an Attribute-Sharing Profile that’s X.509-friendly.

I know there are at least a few other profiles-in-waiting out there, so in order to manage our docket better over the next few months and ensure that these new specs are designed cohesively, the SSTC is asking you to give us a heads-up on your plans.

Just drop me a note with a proposed title, short abstract/motivation, and the anticipated date of your initial contribution — and if you’re doing any kind of profile on your own and plan to seek the SSTC’s advice, let me know that too. I’ll coordinate upcoming schedules with our co-chairs Brian Campbell and Hal Lockhart and with you.

Please get in touch by Friday July 25 so we can get our next round of work mapped out.

Share and enjoy!