From Eve.Maler at Sun.COM Tue Jun 17 15:57:10 2008 From: Eve.Maler at Sun.COM (Eve Maler) Date: Tue, 17 Jun 2008 15:57:10 -0700 Subject: [Sig-wsh] Beginning to collect use cases Message-ID: <6D9427F3-30A5-4823-B4C1-A8FDE5DC4F3D@Sun.COM> Hi, all. Looks like we've got a "wish sig"! (I'd been hoping for a name like WS-Harmony but this is good too. :-) ) The plan, I believe, is to schedule a telecon for July to ensure we an include various folks once they've returned from vacation. So we've got some time now to get some thoughts on the table if we want to. John Bradley has told me it's okay for me to send out the use case document that Andy Dale put together a week or so ago, so I've attached that below with his accompanying comments. It's always valuable to have something to work off of! I think it's a great start and is, in parts, quite thought-provoking. There's a category of use cases not addressed here that we still need to tackle, which has to do with straight-ahead managed services environments in which both "plain" STS's and ID-WSF services play a big part. I'm hoping to get the okay to send out some stuff that's been previously written on this topic. Stay tuned. Eve ==== Quoth Andy: "I always hate putting out the first document in this type of collaboration as I have no idea what the expectations are and just how far off mark I might be.... However, I do it anyway and that's why we get things done. So if nothing else this doc should give us something to work against and 'correct'. Once we have agreed upon our base set of UseCases I imagine a bunch of 'templates' that get completed for each possible solution. The template will include things like: - Actual user flow description based on this solution (infoCards vs OP redirect, etc...) - What technology each actor would have to deploy for this solution and how many man days it 'might' take to do that. (including client side requirements for end users) - Privacy Profile - How much data is publicly available? Does the user NEED a global ID? Is discovery leaking information? - Complete Sequence diagram of interactions (including resolution and discovery steps). If there is agreement that this is a good direction then I am happy to work on the template and then to complete the template for the pure 'i- names/OpenID' implementations as those are the ones I know the best. PLEASE: if you have a better process/idea... let me know." ==== -------------- next part -------------- A non-text attachment was scrubbed... Name: ID UseCases.odt Type: application/vnd.oasis.opendocument.text Size: 15742 bytes Desc: not available Url : http://lists.projectliberty.org/pipermail/sig-wsh_lists.projectliberty.org/attachments/20080617/1ea8d9b5/attachment.bin -------------- next part -------------- Eve Maler +1 425 947 4522 Principal Engineer eve.maler @ sun.com Business Alliances group Sun Microsystems, Inc. From Eve.Maler at Sun.COM Tue Jun 17 16:02:25 2008 From: Eve.Maler at Sun.COM (Eve Maler) Date: Tue, 17 Jun 2008 16:02:25 -0700 Subject: [Sig-wsh] Beginning to collect use cases Message-ID: <186C0043-6275-4469-A9DE-40D7FDB762E7@Sun.COM> Hi, all. Looks like we've got a "wish sig"! (I'd been hoping for a name like WS-Harmony but this is good too. :-) ) The plan, I believe, is to schedule a telecon for July to ensure we an include various folks once they've returned from vacation. So we've got some time now to get some thoughts on the table if we want to. John Bradley has told me it's okay for me to send out the use case document that Andy Dale put together a week or so ago, so I've attached that below with his accompanying comments. It's always valuable to have something to work off of! I think it's a great start and is, in parts, quite thought-provoking. There's a category of use cases not addressed here that we still need to tackle, which has to do with straight-ahead managed services environments in which both "plain" STS's and ID-WSF services play a big part. I'm hoping to get the okay to send out some stuff that's been previously written on this topic. Stay tuned. Eve ==== Quoth Andy: "I always hate putting out the first document in this type of collaboration as I have no idea what the expectations are and just how far off mark I might be.... However, I do it anyway and that's why we get things done. So if nothing else this doc should give us something to work against and 'correct'. Once we have agreed upon our base set of UseCases I imagine a bunch of 'templates' that get completed for each possible solution. The template will include things like: - Actual user flow description based on this solution (infoCards vs OP redirect, etc...) - What technology each actor would have to deploy for this solution and how many man days it 'might' take to do that. (including client side requirements for end users) - Privacy Profile - How much data is publicly available? Does the user NEED a global ID? Is discovery leaking information? - Complete Sequence diagram of interactions (including resolution and discovery steps). If there is agreement that this is a good direction then I am happy to work on the template and then to complete the template for the pure 'i- names/OpenID' implementations as those are the ones I know the best. PLEASE: if you have a better process/idea... let me know." ==== -------------- next part -------------- A non-text attachment was scrubbed... Name: ID UseCases.odt Type: application/vnd.oasis.opendocument.text Size: 15742 bytes Desc: not available Url : http://lists.projectliberty.org/pipermail/sig-wsh_lists.projectliberty.org/attachments/20080617/2121f3a9/attachment-0001.bin -------------- next part -------------- Eve Maler +1 425 947 4522 Principal Engineer eve.maler @ sun.com Business Alliances group Sun Microsystems, Inc. From brett at projectliberty.org Mon Jun 23 13:36:09 2008 From: brett at projectliberty.org (Brett McDowell) Date: Mon, 23 Jun 2008 16:36:09 -0400 Subject: [Sig-wsh] Beginning to collect use cases In-Reply-To: <6D9427F3-30A5-4823-B4C1-A8FDE5DC4F3D@Sun.COM> References: <6D9427F3-30A5-4823-B4C1-A8FDE5DC4F3D@Sun.COM> Message-ID: <11E86E29-8F33-4690-A5F9-973047108E6F@projectliberty.org> Thanks Eve for getting this thread started. Andy or John, are you on this email list (I think you are but consider this a test message to that fact)? Could you provide a little context around your use-case(s) and how you might expect ID-WSF and WS* harmonization to be relevant to supporting your use-case(s)? -- Brett On Jun 17, 2008, at 6:57 PM, Eve Maler wrote: > Hi, all. Looks like we've got a "wish sig"! (I'd been hoping for a > name like WS-Harmony but this is good too. :-) ) > > The plan, I believe, is to schedule a telecon for July to ensure we > an include various folks once they've returned from vacation. So > we've got some time now to get some thoughts on the table if we want > to. > > John Bradley has told me it's okay for me to send out the use case > document that Andy Dale put together a week or so ago, so I've > attached that below with his accompanying comments. It's always > valuable to have something to work off of! I think it's a great > start and is, in parts, quite thought-provoking. There's a category > of use cases not addressed here that we still need to tackle, which > has to do with straight-ahead managed services environments in which > both "plain" STS's and ID-WSF services play a big part. I'm hoping > to get the okay to send out some stuff that's been previously > written on this topic. Stay tuned. > > Eve > > ==== > Quoth Andy: > > "I always hate putting out the first document in this type of > collaboration as I have no idea what the expectations are and just > how far off mark I might be.... However, I do it anyway and that's > why we get things done. > > So if nothing else this doc should give us something to work against > and 'correct'. > > Once we have agreed upon our base set of UseCases I imagine a bunch > of 'templates' that get completed for each possible solution. The > template will include things like: > > - Actual user flow description based on this solution (infoCards vs > OP redirect, etc...) > - What technology each actor would have to deploy for this solution > and how many man days it 'might' take to do that. (including client > side requirements for end users) > - Privacy Profile - How much data is publicly available? Does the > user NEED a global ID? Is discovery leaking information? > - Complete Sequence diagram of interactions (including resolution > and discovery steps). > > If there is agreement that this is a good direction then I am happy > to work on the template and then to complete the template for the > pure 'i-names/OpenID' implementations as those are the ones I know > the best. > > PLEASE: if you have a better process/idea... let me know." > ==== > > > > > Eve Maler +1 425 947 4522 > Principal Engineer eve.maler @ sun.com > Business Alliances group Sun Microsystems, Inc. > _______________________________________________ > Sig-wsh mailing list > Sig-wsh at lists.projectliberty.org > http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org From john.bradley at wingaa.com Mon Jun 23 14:43:21 2008 From: john.bradley at wingaa.com (John Bradley) Date: Mon, 23 Jun 2008 14:43:21 -0700 Subject: [Sig-wsh] Beginning to collect use cases In-Reply-To: <11E86E29-8F33-4690-A5F9-973047108E6F@projectliberty.org> References: <6D9427F3-30A5-4823-B4C1-A8FDE5DC4F3D@Sun.COM> <11E86E29-8F33-4690-A5F9-973047108E6F@projectliberty.org> Message-ID: <61940C66-DAA0-467E-B028-655098C6E93B@wingaa.com> Hi Brett, Andy is on vacation to July 1. We started work on the use-cases prior to WSH, however they are will be relevant in that they are intended to explore cross technology user flows with ID-WSF, WS-*, OpenID and XRDS/XRI/XDI. What we circulated to Eve was a template and an initial couple of flows. We were hoping to get some feedback on the template before creating more. Eve has given us her feedback. Other comments are encouraged. Once Andy is back we will get back fleshing out some more flows. Regards John Bradley On 23-Jun-08, at 1:36 PM, Brett McDowell wrote: > Thanks Eve for getting this thread started. > > Andy or John, are you on this email list (I think you are but consider > this a test message to that fact)? Could you provide a little context > around your use-case(s) and how you might expect ID-WSF and WS* > harmonization to be relevant to supporting your use-case(s)? > > -- Brett > > On Jun 17, 2008, at 6:57 PM, Eve Maler wrote: > >> Hi, all. Looks like we've got a "wish sig"! (I'd been hoping for a >> name like WS-Harmony but this is good too. :-) ) >> >> The plan, I believe, is to schedule a telecon for July to ensure we >> an include various folks once they've returned from vacation. So >> we've got some time now to get some thoughts on the table if we want >> to. >> >> John Bradley has told me it's okay for me to send out the use case >> document that Andy Dale put together a week or so ago, so I've >> attached that below with his accompanying comments. It's always >> valuable to have something to work off of! I think it's a great >> start and is, in parts, quite thought-provoking. There's a category >> of use cases not addressed here that we still need to tackle, which >> has to do with straight-ahead managed services environments in which >> both "plain" STS's and ID-WSF services play a big part. I'm hoping >> to get the okay to send out some stuff that's been previously >> written on this topic. Stay tuned. >> >> Eve >> >> ==== >> Quoth Andy: >> >> "I always hate putting out the first document in this type of >> collaboration as I have no idea what the expectations are and just >> how far off mark I might be.... However, I do it anyway and that's >> why we get things done. >> >> So if nothing else this doc should give us something to work against >> and 'correct'. >> >> Once we have agreed upon our base set of UseCases I imagine a bunch >> of 'templates' that get completed for each possible solution. The >> template will include things like: >> >> - Actual user flow description based on this solution (infoCards vs >> OP redirect, etc...) >> - What technology each actor would have to deploy for this solution >> and how many man days it 'might' take to do that. (including client >> side requirements for end users) >> - Privacy Profile - How much data is publicly available? Does the >> user NEED a global ID? Is discovery leaking information? >> - Complete Sequence diagram of interactions (including resolution >> and discovery steps). >> >> If there is agreement that this is a good direction then I am happy >> to work on the template and then to complete the template for the >> pure 'i-names/OpenID' implementations as those are the ones I know >> the best. >> >> PLEASE: if you have a better process/idea... let me know." >> ==== >> >> >> >> >> Eve Maler +1 425 947 4522 >> Principal Engineer eve.maler @ sun.com >> Business Alliances group Sun Microsystems, Inc. >> _______________________________________________ >> Sig-wsh mailing list >> Sig-wsh at lists.projectliberty.org >> http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org > > > _______________________________________________ > Sig-wsh mailing list > Sig-wsh at lists.projectliberty.org > http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.projectliberty.org/pipermail/sig-wsh_lists.projectliberty.org/attachments/20080623/2f982cb6/attachment.html From paulmadsen at rogers.com Mon Jun 23 16:01:26 2008 From: paulmadsen at rogers.com (Paul Madsen) Date: Mon, 23 Jun 2008 19:01:26 -0400 Subject: [Sig-wsh] Beginning to collect use cases In-Reply-To: <11E86E29-8F33-4690-A5F9-973047108E6F@projectliberty.org> References: <6D9427F3-30A5-4823-B4C1-A8FDE5DC4F3D@Sun.COM> <11E86E29-8F33-4690-A5F9-973047108E6F@projectliberty.org> Message-ID: <48602B46.7020304@rogers.com> the connection I see between the two (somewhat seemingly disconnected) WSH focus areas is a) ID-WSF & WS-* harmonization implies profiling WS-Trust to allow a WSC to obtain security tokens b) the above (may) implies separating discovery from token issuance c) separating discovery from token issuance introduces the possibility of using different discovery mechanisms, like XRDS d) some of Andy/John's scenarios (we need a better descriptor) touch on the above application of XRDS paul Brett McDowell wrote: > Thanks Eve for getting this thread started. > > Andy or John, are you on this email list (I think you are but consider > this a test message to that fact)? Could you provide a little context > around your use-case(s) and how you might expect ID-WSF and WS* > harmonization to be relevant to supporting your use-case(s)? > > -- Brett > > On Jun 17, 2008, at 6:57 PM, Eve Maler wrote: > > >> Hi, all. Looks like we've got a "wish sig"! (I'd been hoping for a >> name like WS-Harmony but this is good too. :-) ) >> >> The plan, I believe, is to schedule a telecon for July to ensure we >> an include various folks once they've returned from vacation. So >> we've got some time now to get some thoughts on the table if we want >> to. >> >> John Bradley has told me it's okay for me to send out the use case >> document that Andy Dale put together a week or so ago, so I've >> attached that below with his accompanying comments. It's always >> valuable to have something to work off of! I think it's a great >> start and is, in parts, quite thought-provoking. There's a category >> of use cases not addressed here that we still need to tackle, which >> has to do with straight-ahead managed services environments in which >> both "plain" STS's and ID-WSF services play a big part. I'm hoping >> to get the okay to send out some stuff that's been previously >> written on this topic. Stay tuned. >> >> Eve >> >> ==== >> Quoth Andy: >> >> "I always hate putting out the first document in this type of >> collaboration as I have no idea what the expectations are and just >> how far off mark I might be.... However, I do it anyway and that's >> why we get things done. >> >> So if nothing else this doc should give us something to work against >> and 'correct'. >> >> Once we have agreed upon our base set of UseCases I imagine a bunch >> of 'templates' that get completed for each possible solution. The >> template will include things like: >> >> - Actual user flow description based on this solution (infoCards vs >> OP redirect, etc...) >> - What technology each actor would have to deploy for this solution >> and how many man days it 'might' take to do that. (including client >> side requirements for end users) >> - Privacy Profile - How much data is publicly available? Does the >> user NEED a global ID? Is discovery leaking information? >> - Complete Sequence diagram of interactions (including resolution >> and discovery steps). >> >> If there is agreement that this is a good direction then I am happy >> to work on the template and then to complete the template for the >> pure 'i-names/OpenID' implementations as those are the ones I know >> the best. >> >> PLEASE: if you have a better process/idea... let me know." >> ==== >> >> >> >> >> Eve Maler +1 425 947 4522 >> Principal Engineer eve.maler @ sun.com >> Business Alliances group Sun Microsystems, Inc. >> _______________________________________________ >> Sig-wsh mailing list >> Sig-wsh at lists.projectliberty.org >> http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org >> > > > _______________________________________________ > Sig-wsh mailing list > Sig-wsh at lists.projectliberty.org > http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org > > > -- Paul Madsen e:paulmadsen @ ntt-at.com NTT p:613-482-0432 m:613-282-8647 aim:PaulMdsn5 web:connectid.blogspot.com From joni at ieee-isto.org Tue Jun 24 10:09:34 2008 From: joni at ieee-isto.org (Joni Brennan) Date: Tue, 24 Jun 2008 10:09:34 -0700 Subject: [Sig-wsh] Beginning to collect use cases In-Reply-To: <48602B46.7020304@rogers.com> References: <6D9427F3-30A5-4823-B4C1-A8FDE5DC4F3D@Sun.COM> <11E86E29-8F33-4690-A5F9-973047108E6F@projectliberty.org> <48602B46.7020304@rogers.com> Message-ID: <947ea3330806241009o3248059fg4faf05ef3ed68b73@mail.gmail.com> All, I've created a couple of wiki pages to help track and progress the work. The pages can be found in the WSH SIG wiki work area here: - http://wiki.projectliberty.org/index.php/WSH_Use_Case_Template_Ideas - http://wiki.projectliberty.org/index.php/WSH_Use_Case_Focus_Points Cheers, Joni On Mon, Jun 23, 2008 at 4:01 PM, Paul Madsen wrote: > the connection I see between the two (somewhat seemingly disconnected) > WSH focus areas is > > a) ID-WSF & WS-* harmonization implies profiling WS-Trust to allow a WSC > to obtain security tokens > b) the above (may) implies separating discovery from token issuance > c) separating discovery from token issuance introduces the possibility > of using different discovery mechanisms, like XRDS > d) some of Andy/John's scenarios (we need a better descriptor) touch on > the above application of XRDS > > paul > > Brett McDowell wrote: > > Thanks Eve for getting this thread started. > > > > Andy or John, are you on this email list (I think you are but consider > > this a test message to that fact)? Could you provide a little context > > around your use-case(s) and how you might expect ID-WSF and WS* > > harmonization to be relevant to supporting your use-case(s)? > > > > -- Brett > > > > On Jun 17, 2008, at 6:57 PM, Eve Maler wrote: > > > > > >> Hi, all. Looks like we've got a "wish sig"! (I'd been hoping for a > >> name like WS-Harmony but this is good too. :-) ) > >> > >> The plan, I believe, is to schedule a telecon for July to ensure we > >> an include various folks once they've returned from vacation. So > >> we've got some time now to get some thoughts on the table if we want > >> to. > >> > >> John Bradley has told me it's okay for me to send out the use case > >> document that Andy Dale put together a week or so ago, so I've > >> attached that below with his accompanying comments. It's always > >> valuable to have something to work off of! I think it's a great > >> start and is, in parts, quite thought-provoking. There's a category > >> of use cases not addressed here that we still need to tackle, which > >> has to do with straight-ahead managed services environments in which > >> both "plain" STS's and ID-WSF services play a big part. I'm hoping > >> to get the okay to send out some stuff that's been previously > >> written on this topic. Stay tuned. > >> > >> Eve > >> > >> ==== > >> Quoth Andy: > >> > >> "I always hate putting out the first document in this type of > >> collaboration as I have no idea what the expectations are and just > >> how far off mark I might be.... However, I do it anyway and that's > >> why we get things done. > >> > >> So if nothing else this doc should give us something to work against > >> and 'correct'. > >> > >> Once we have agreed upon our base set of UseCases I imagine a bunch > >> of 'templates' that get completed for each possible solution. The > >> template will include things like: > >> > >> - Actual user flow description based on this solution (infoCards vs > >> OP redirect, etc...) > >> - What technology each actor would have to deploy for this solution > >> and how many man days it 'might' take to do that. (including client > >> side requirements for end users) > >> - Privacy Profile - How much data is publicly available? Does the > >> user NEED a global ID? Is discovery leaking information? > >> - Complete Sequence diagram of interactions (including resolution > >> and discovery steps). > >> > >> If there is agreement that this is a good direction then I am happy > >> to work on the template and then to complete the template for the > >> pure 'i-names/OpenID' implementations as those are the ones I know > >> the best. > >> > >> PLEASE: if you have a better process/idea... let me know." > >> ==== > >> > >> > >> > >> > >> Eve Maler +1 425 947 4522 > >> Principal Engineer eve.maler @ sun.com > >> Business Alliances group Sun Microsystems, Inc. > >> _______________________________________________ > >> Sig-wsh mailing list > >> Sig-wsh at lists.projectliberty.org > >> > http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org > >> > > > > > > _______________________________________________ > > Sig-wsh mailing list > > Sig-wsh at lists.projectliberty.org > > > http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org > > > > > > > > -- > Paul Madsen e:paulmadsen @ ntt-at.com > NTT p:613-482-0432 > m:613-282-8647 > aim:PaulMdsn5 > web:connectid.blogspot.com > > > _______________________________________________ > Sig-wsh mailing list > Sig-wsh at lists.projectliberty.org > > http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org > -- Joni Brennan IEEE-ISTO Liberty Alliance Project Operations Manager voice:+1 732-226-4223 email: joni @ projectliberty.org email: joni @ ieee-isto.org -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.projectliberty.org/pipermail/sig-wsh_lists.projectliberty.org/attachments/20080624/b4ccf5a2/attachment-0001.html From brett at projectliberty.org Tue Jun 24 10:20:54 2008 From: brett at projectliberty.org (Brett McDowell) Date: Tue, 24 Jun 2008 13:20:54 -0400 Subject: [Sig-wsh] Beginning to collect use cases In-Reply-To: <947ea3330806241009o3248059fg4faf05ef3ed68b73@mail.gmail.com> References: <6D9427F3-30A5-4823-B4C1-A8FDE5DC4F3D@Sun.COM> <11E86E29-8F33-4690-A5F9-973047108E6F@projectliberty.org> <48602B46.7020304@rogers.com> <947ea3330806241009o3248059fg4faf05ef3ed68b73@mail.gmail.com> Message-ID: <8E8456B3-46F5-4209-A27E-963744D3555D@projectliberty.org> Thanks Joni. On Jun 24, 2008, at 1:09 PM, Joni Brennan wrote: > All, > > I've created a couple of wiki pages to help track and progress the > work. The pages can be found in the WSH SIG wiki work area here: > > - http://wiki.projectliberty.org/index.php/WSH_Use_Case_Template_Ideas > > - http://wiki.projectliberty.org/index.php/WSH_Use_Case_Focus_Points > > Cheers, > > Joni > > On Mon, Jun 23, 2008 at 4:01 PM, Paul Madsen > wrote: > the connection I see between the two (somewhat seemingly disconnected) > WSH focus areas is > > a) ID-WSF & WS-* harmonization implies profiling WS-Trust to allow a > WSC > to obtain security tokens > b) the above (may) implies separating discovery from token issuance > c) separating discovery from token issuance introduces the possibility > of using different discovery mechanisms, like XRDS > d) some of Andy/John's scenarios (we need a better descriptor) touch > on > the above application of XRDS > > paul > > Brett McDowell wrote: > > Thanks Eve for getting this thread started. > > > > Andy or John, are you on this email list (I think you are but > consider > > this a test message to that fact)? Could you provide a little > context > > around your use-case(s) and how you might expect ID-WSF and WS* > > harmonization to be relevant to supporting your use-case(s)? > > > > -- Brett > > > > On Jun 17, 2008, at 6:57 PM, Eve Maler wrote: > > > > > >> Hi, all. Looks like we've got a "wish sig"! (I'd been hoping > for a > >> name like WS-Harmony but this is good too. :-) ) > >> > >> The plan, I believe, is to schedule a telecon for July to ensure we > >> an include various folks once they've returned from vacation. So > >> we've got some time now to get some thoughts on the table if we > want > >> to. > >> > >> John Bradley has told me it's okay for me to send out the use case > >> document that Andy Dale put together a week or so ago, so I've > >> attached that below with his accompanying comments. It's always > >> valuable to have something to work off of! I think it's a great > >> start and is, in parts, quite thought-provoking. There's a > category > >> of use cases not addressed here that we still need to tackle, which > >> has to do with straight-ahead managed services environments in > which > >> both "plain" STS's and ID-WSF services play a big part. I'm hoping > >> to get the okay to send out some stuff that's been previously > >> written on this topic. Stay tuned. > >> > >> Eve > >> > >> ==== > >> Quoth Andy: > >> > >> "I always hate putting out the first document in this type of > >> collaboration as I have no idea what the expectations are and just > >> how far off mark I might be.... However, I do it anyway and that's > >> why we get things done. > >> > >> So if nothing else this doc should give us something to work > against > >> and 'correct'. > >> > >> Once we have agreed upon our base set of UseCases I imagine a bunch > >> of 'templates' that get completed for each possible solution. The > >> template will include things like: > >> > >> - Actual user flow description based on this solution (infoCards vs > >> OP redirect, etc...) > >> - What technology each actor would have to deploy for this solution > >> and how many man days it 'might' take to do that. (including client > >> side requirements for end users) > >> - Privacy Profile - How much data is publicly available? Does the > >> user NEED a global ID? Is discovery leaking information? > >> - Complete Sequence diagram of interactions (including resolution > >> and discovery steps). > >> > >> If there is agreement that this is a good direction then I am happy > >> to work on the template and then to complete the template for the > >> pure 'i-names/OpenID' implementations as those are the ones I know > >> the best. > >> > >> PLEASE: if you have a better process/idea... let me know." > >> ==== > >> > >> > >> > >> > >> Eve Maler +1 425 947 4522 > >> Principal Engineer eve.maler @ sun.com > >> Business Alliances group Sun Microsystems, Inc. > >> _______________________________________________ > >> Sig-wsh mailing list > >> Sig-wsh at lists.projectliberty.org > >> http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org > >> > > > > > > _______________________________________________ > > Sig-wsh mailing list > > Sig-wsh at lists.projectliberty.org > > http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org > > > > > > > > -- > Paul Madsen e:paulmadsen @ ntt-at.com > NTT p:613-482-0432 > m:613-282-8647 > aim:PaulMdsn5 > web:connectid.blogspot.com > > > _______________________________________________ > Sig-wsh mailing list > Sig-wsh at lists.projectliberty.org > http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org > > > > -- > Joni Brennan > IEEE-ISTO > Liberty Alliance Project > Operations Manager > voice:+1 732-226-4223 > email: joni @ projectliberty.org > email: joni @ ieee-isto.org > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.projectliberty.org/pipermail/sig-wsh_lists.projectliberty.org/attachments/20080624/f6aa3f63/attachment.html From brett at projectliberty.org Tue Jun 24 10:33:43 2008 From: brett at projectliberty.org (Brett McDowell) Date: Tue, 24 Jun 2008 13:33:43 -0400 Subject: [Sig-wsh] Beginning to collect use cases In-Reply-To: <48602B46.7020304@rogers.com> References: <6D9427F3-30A5-4823-B4C1-A8FDE5DC4F3D@Sun.COM> <11E86E29-8F33-4690-A5F9-973047108E6F@projectliberty.org> <48602B46.7020304@rogers.com> Message-ID: <1A886C40-9706-4152-AEF9-CC3ED4D4EA78@projectliberty.org> Thank Paul. On Jun 23, 2008, at 7:01 PM, Paul Madsen wrote: > the connection I see between the two (somewhat seemingly > disconnected) WSH focus areas is > > a) ID-WSF & WS-* harmonization implies profiling WS-Trust to allow a > WSC to obtain security tokens > b) the above (may) implies separating discovery from token issuance > c) separating discovery from token issuance introduces the > possibility of using different discovery mechanisms, like XRDS > d) some of Andy/John's scenarios (we need a better descriptor) touch > on the above application of XRDS Let's get these use-case up on the wiki Joni's prepared and give each one a number so we can refer to these by number. We could also start to pull out use-cases some of us are already familiar with from the early ID-WSF days and add those up there too. I'm sure we can track down the source documents. In the meantime they are all published as PDF here: http://www.projectliberty.org/liberty/strategic_initiatives/requirements Maybe Paul, Conor, et. al. could help us parse those MRD's (Market Requirements Documents) to find the use-cases most applicable to the folks interested in WS Harmonization (which I think is inclusive of the scope that ooToa has articulated). For those involved with WS-Trust development, are there some public pointers (even if only in slideware or blog posts) to use cases that we should analyze during this triage phase of our work? Eve, maybe we can point out the Project Concordia use-cases that are most applicable? The goal at hand (as I understand it) is to scratch the broadest itch we all share. After we get a few initial targets that are representative of the work we want to do here I will gladly take the action item to help recruit more deployers to this discussion. But I think that's an easier task if I can point to some clear use cases, or even broadly articulate deployment scenarios. -- Brett > > > paul > > Brett McDowell wrote: >> Thanks Eve for getting this thread started. >> >> Andy or John, are you on this email list (I think you are but >> consider this a test message to that fact)? Could you provide a >> little context around your use-case(s) and how you might expect ID- >> WSF and WS* harmonization to be relevant to supporting your use- >> case(s)? >> >> -- Brett >> >> On Jun 17, 2008, at 6:57 PM, Eve Maler wrote: >> >> >>> Hi, all. Looks like we've got a "wish sig"! (I'd been hoping for >>> a name like WS-Harmony but this is good too. :-) ) >>> >>> The plan, I believe, is to schedule a telecon for July to ensure >>> we an include various folks once they've returned from vacation. >>> So we've got some time now to get some thoughts on the table if >>> we want to. >>> >>> John Bradley has told me it's okay for me to send out the use >>> case document that Andy Dale put together a week or so ago, so >>> I've attached that below with his accompanying comments. It's >>> always valuable to have something to work off of! I think it's a >>> great start and is, in parts, quite thought-provoking. There's a >>> category of use cases not addressed here that we still need to >>> tackle, which has to do with straight-ahead managed services >>> environments in which both "plain" STS's and ID-WSF services play >>> a big part. I'm hoping to get the okay to send out some stuff >>> that's been previously written on this topic. Stay tuned. >>> >>> Eve >>> >>> ==== >>> Quoth Andy: >>> >>> "I always hate putting out the first document in this type of >>> collaboration as I have no idea what the expectations are and >>> just how far off mark I might be.... However, I do it anyway and >>> that's why we get things done. >>> >>> So if nothing else this doc should give us something to work >>> against and 'correct'. >>> >>> Once we have agreed upon our base set of UseCases I imagine a >>> bunch of 'templates' that get completed for each possible >>> solution. The template will include things like: >>> >>> - Actual user flow description based on this solution (infoCards >>> vs OP redirect, etc...) >>> - What technology each actor would have to deploy for this >>> solution and how many man days it 'might' take to do that. >>> (including client side requirements for end users) >>> - Privacy Profile - How much data is publicly available? Does the >>> user NEED a global ID? Is discovery leaking information? >>> - Complete Sequence diagram of interactions (including resolution >>> and discovery steps). >>> >>> If there is agreement that this is a good direction then I am >>> happy to work on the template and then to complete the template >>> for the pure 'i-names/OpenID' implementations as those are the >>> ones I know the best. >>> >>> PLEASE: if you have a better process/idea... let me know." >>> ==== >>> >>> >>> >>> >>> Eve Maler +1 425 947 4522 >>> Principal Engineer eve.maler @ sun.com >>> Business Alliances group Sun Microsystems, Inc. >>> _______________________________________________ >>> Sig-wsh mailing list >>> Sig-wsh at lists.projectliberty.org >>> http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org >>> >> >> >> _______________________________________________ >> Sig-wsh mailing list >> Sig-wsh at lists.projectliberty.org >> http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org >> >> >> > > -- > Paul Madsen e:paulmadsen @ ntt-at.com > NTT p:613-482-0432 > m:613-282-8647 > aim:PaulMdsn5 > web:connectid.blogspot.com From drsecure at us.ibm.com Tue Jun 24 11:23:02 2008 From: drsecure at us.ibm.com (Anthony Nadalin) Date: Tue, 24 Jun 2008 13:23:02 -0500 Subject: [Sig-wsh] Beginning to collect use cases In-Reply-To: <48602B46.7020304@rogers.com> References: <6D9427F3-30A5-4823-B4C1-A8FDE5DC4F3D@Sun.COM> <11E86E29-8F33-4690-A5F9-973047108E6F@projectliberty.org> <48602B46.7020304@rogers.com> Message-ID: The connection that I see is the following hits to these specifications and also see the profiling of WS-SecurityPolicy and WS-Federation: Liberty ID-WSF Discovery Service Specification, make this a technology replaceable framework as pointed out with technology like XRDS Liberty ID-WSF SOAP Binding Specification, this should be basically what WS-Trust already defines relative to message correlation, consent claims, and usage directives Liberty ID-WSF Security Mechanisms Specification, I see that WS-SecurityPolicy (which WS-Trust uses) is a potential replacement (or with some extensions) for this function Liberty ID-WSF Interaction Service Specification. Between WS-Trust and WS-Federation there are several ways to providers to pose simple questions to a Principals Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122 |------------> | From: | |------------> >------------------------------------------------------------------------------------------------------------------------------------------| |Paul Madsen | >------------------------------------------------------------------------------------------------------------------------------------------| |------------> | To: | |------------> >------------------------------------------------------------------------------------------------------------------------------------------| |Brett McDowell | >------------------------------------------------------------------------------------------------------------------------------------------| |------------> | Cc: | |------------> >------------------------------------------------------------------------------------------------------------------------------------------| |sig-wsh at lists.projectliberty.org, Eve Maler | >------------------------------------------------------------------------------------------------------------------------------------------| |------------> | Date: | |------------> >------------------------------------------------------------------------------------------------------------------------------------------| |06/23/2008 06:07 PM | >------------------------------------------------------------------------------------------------------------------------------------------| |------------> | Subject: | |------------> >------------------------------------------------------------------------------------------------------------------------------------------| |Re: [Sig-wsh] Beginning to collect use cases | >------------------------------------------------------------------------------------------------------------------------------------------| the connection I see between the two (somewhat seemingly disconnected) WSH focus areas is a) ID-WSF & WS-* harmonization implies profiling WS-Trust to allow a WSC to obtain security tokens b) the above (may) implies separating discovery from token issuance c) separating discovery from token issuance introduces the possibility of using different discovery mechanisms, like XRDS d) some of Andy/John's scenarios (we need a better descriptor) touch on the above application of XRDS paul Brett McDowell wrote: > Thanks Eve for getting this thread started. > > Andy or John, are you on this email list (I think you are but consider > this a test message to that fact)? Could you provide a little context > around your use-case(s) and how you might expect ID-WSF and WS* > harmonization to be relevant to supporting your use-case(s)? > > -- Brett > > On Jun 17, 2008, at 6:57 PM, Eve Maler wrote: > > >> Hi, all. Looks like we've got a "wish sig"! (I'd been hoping for a >> name like WS-Harmony but this is good too. :-) ) >> >> The plan, I believe, is to schedule a telecon for July to ensure we >> an include various folks once they've returned from vacation. So >> we've got some time now to get some thoughts on the table if we want >> to. >> >> John Bradley has told me it's okay for me to send out the use case >> document that Andy Dale put together a week or so ago, so I've >> attached that below with his accompanying comments. It's always >> valuable to have something to work off of! I think it's a great >> start and is, in parts, quite thought-provoking. There's a category >> of use cases not addressed here that we still need to tackle, which >> has to do with straight-ahead managed services environments in which >> both "plain" STS's and ID-WSF services play a big part. I'm hoping >> to get the okay to send out some stuff that's been previously >> written on this topic. Stay tuned. >> >> Eve >> >> ==== >> Quoth Andy: >> >> "I always hate putting out the first document in this type of >> collaboration as I have no idea what the expectations are and just >> how far off mark I might be.... However, I do it anyway and that's >> why we get things done. >> >> So if nothing else this doc should give us something to work against >> and 'correct'. >> >> Once we have agreed upon our base set of UseCases I imagine a bunch >> of 'templates' that get completed for each possible solution. The >> template will include things like: >> >> - Actual user flow description based on this solution (infoCards vs >> OP redirect, etc...) >> - What technology each actor would have to deploy for this solution >> and how many man days it 'might' take to do that. (including client >> side requirements for end users) >> - Privacy Profile - How much data is publicly available? Does the >> user NEED a global ID? Is discovery leaking information? >> - Complete Sequence diagram of interactions (including resolution >> and discovery steps). >> >> If there is agreement that this is a good direction then I am happy >> to work on the template and then to complete the template for the >> pure 'i-names/OpenID' implementations as those are the ones I know >> the best. >> >> PLEASE: if you have a better process/idea... let me know." >> ==== >> >> >> >> >> Eve Maler +1 425 947 4522 >> Principal Engineer eve.maler @ sun.com >> Business Alliances group Sun Microsystems, Inc. >> _______________________________________________ >> Sig-wsh mailing list >> Sig-wsh at lists.projectliberty.org >> http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org >> > > > _______________________________________________ > Sig-wsh mailing list > Sig-wsh at lists.projectliberty.org > http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org > > > -- Paul Madsen e:paulmadsen @ ntt-at.com NTT p:613-482-0432 m:613-282-8647 aim:PaulMdsn5 web:connectid.blogspot.com _______________________________________________ Sig-wsh mailing list Sig-wsh at lists.projectliberty.org http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.projectliberty.org/pipermail/sig-wsh_lists.projectliberty.org/attachments/20080624/0eef859e/attachment-0001.html -------------- next part -------------- A non-text attachment was scrubbed... Name: graycol.gif Type: image/gif Size: 105 bytes Desc: not available Url : http://lists.projectliberty.org/pipermail/sig-wsh_lists.projectliberty.org/attachments/20080624/0eef859e/attachment-0002.gif -------------- next part -------------- A non-text attachment was scrubbed... Name: ecblank.gif Type: image/gif Size: 45 bytes Desc: not available Url : http://lists.projectliberty.org/pipermail/sig-wsh_lists.projectliberty.org/attachments/20080624/0eef859e/attachment-0003.gif From Eve.Maler at Sun.COM Tue Jun 24 16:15:03 2008 From: Eve.Maler at Sun.COM (Eve Maler) Date: Tue, 24 Jun 2008 16:15:03 -0700 Subject: [Sig-wsh] Beginning to collect use cases In-Reply-To: <1A886C40-9706-4152-AEF9-CC3ED4D4EA78@projectliberty.org> References: <6D9427F3-30A5-4823-B4C1-A8FDE5DC4F3D@Sun.COM> <11E86E29-8F33-4690-A5F9-973047108E6F@projectliberty.org> <48602B46.7020304@rogers.com> <1A886C40-9706-4152-AEF9-CC3ED4D4EA78@projectliberty.org> Message-ID: I'll take an action to ensure that relevant Concordia "use case buckets" (largely topics that were previously discussed but haven't made it onto a front burner yet) are represented on the wiki. It might have to wait till next week -- got to get through Catalyst first. Eve On Jun 24, 2008, at 10:33 AM, Brett McDowell wrote: > Thank Paul. > > On Jun 23, 2008, at 7:01 PM, Paul Madsen wrote: > >> the connection I see between the two (somewhat seemingly >> disconnected) WSH focus areas is >> >> a) ID-WSF & WS-* harmonization implies profiling WS-Trust to allow a >> WSC to obtain security tokens >> b) the above (may) implies separating discovery from token issuance >> c) separating discovery from token issuance introduces the >> possibility of using different discovery mechanisms, like XRDS >> d) some of Andy/John's scenarios (we need a better descriptor) touch >> on the above application of XRDS > > Let's get these use-case up on the wiki Joni's prepared and give each > one a number so we can refer to these by number. > > We could also start to pull out use-cases some of us are already > familiar with from the early ID-WSF days and add those up there too. > I'm sure we can track down the source documents. In the meantime they > are all published as PDF here: > > http://www.projectliberty.org/liberty/strategic_initiatives/requirements > > Maybe Paul, Conor, et. al. could help us parse those MRD's (Market > Requirements Documents) to find the use-cases most applicable to the > folks interested in WS Harmonization (which I think is inclusive of > the scope that ooToa has articulated). > > For those involved with WS-Trust development, are there some public > pointers (even if only in slideware or blog posts) to use cases that > we should analyze during this triage phase of our work? > > Eve, maybe we can point out the Project Concordia use-cases that are > most applicable? > > The goal at hand (as I understand it) is to scratch the broadest itch > we all share. > > After we get a few initial targets that are representative of the work > we want to do here I will gladly take the action item to help recruit > more deployers to this discussion. But I think that's an easier task > if I can point to some clear use cases, or even broadly articulate > deployment scenarios. > > -- Brett > >> >> >> paul >> >> Brett McDowell wrote: >>> Thanks Eve for getting this thread started. >>> >>> Andy or John, are you on this email list (I think you are but >>> consider this a test message to that fact)? Could you provide a >>> little context around your use-case(s) and how you might expect ID- >>> WSF and WS* harmonization to be relevant to supporting your use- >>> case(s)? >>> >>> -- Brett >>> >>> On Jun 17, 2008, at 6:57 PM, Eve Maler wrote: >>> >>> >>>> Hi, all. Looks like we've got a "wish sig"! (I'd been hoping for >>>> a name like WS-Harmony but this is good too. :-) ) >>>> >>>> The plan, I believe, is to schedule a telecon for July to ensure >>>> we an include various folks once they've returned from vacation. >>>> So we've got some time now to get some thoughts on the table if >>>> we want to. >>>> >>>> John Bradley has told me it's okay for me to send out the use >>>> case document that Andy Dale put together a week or so ago, so >>>> I've attached that below with his accompanying comments. It's >>>> always valuable to have something to work off of! I think it's a >>>> great start and is, in parts, quite thought-provoking. There's a >>>> category of use cases not addressed here that we still need to >>>> tackle, which has to do with straight-ahead managed services >>>> environments in which both "plain" STS's and ID-WSF services play >>>> a big part. I'm hoping to get the okay to send out some stuff >>>> that's been previously written on this topic. Stay tuned. >>>> >>>> Eve >>>> >>>> ==== >>>> Quoth Andy: >>>> >>>> "I always hate putting out the first document in this type of >>>> collaboration as I have no idea what the expectations are and >>>> just how far off mark I might be.... However, I do it anyway and >>>> that's why we get things done. >>>> >>>> So if nothing else this doc should give us something to work >>>> against and 'correct'. >>>> >>>> Once we have agreed upon our base set of UseCases I imagine a >>>> bunch of 'templates' that get completed for each possible >>>> solution. The template will include things like: >>>> >>>> - Actual user flow description based on this solution (infoCards >>>> vs OP redirect, etc...) >>>> - What technology each actor would have to deploy for this >>>> solution and how many man days it 'might' take to do that. >>>> (including client side requirements for end users) >>>> - Privacy Profile - How much data is publicly available? Does the >>>> user NEED a global ID? Is discovery leaking information? >>>> - Complete Sequence diagram of interactions (including resolution >>>> and discovery steps). >>>> >>>> If there is agreement that this is a good direction then I am >>>> happy to work on the template and then to complete the template >>>> for the pure 'i-names/OpenID' implementations as those are the >>>> ones I know the best. >>>> >>>> PLEASE: if you have a better process/idea... let me know." >>>> ==== >>>> >>>> >>>> >>>> >>>> Eve Maler +1 425 947 4522 >>>> Principal Engineer eve.maler @ sun.com >>>> Business Alliances group Sun Microsystems, Inc. >>>> _______________________________________________ >>>> Sig-wsh mailing list >>>> Sig-wsh at lists.projectliberty.org >>>> http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org >>>> >>> >>> >>> _______________________________________________ >>> Sig-wsh mailing list >>> Sig-wsh at lists.projectliberty.org >>> http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org >>> >>> >>> >> >> -- >> Paul Madsen e:paulmadsen @ ntt-at.com >> NTT p:613-482-0432 >> m:613-282-8647 >> aim:PaulMdsn5 >> web:connectid.blogspot.com > > > _______________________________________________ > Sig-wsh mailing list > Sig-wsh at lists.projectliberty.org > http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org Eve Maler +1 425 947 4522 Principal Engineer eve.maler @ sun.com Business Alliances group Sun Microsystems, Inc. From conor.p.cahill at intel.com Wed Jun 25 05:50:06 2008 From: conor.p.cahill at intel.com (Cahill, Conor P) Date: Wed, 25 Jun 2008 05:50:06 -0700 Subject: [Sig-wsh] Beginning to collect use cases In-Reply-To: <48602B46.7020304@rogers.com> References: <6D9427F3-30A5-4823-B4C1-A8FDE5DC4F3D@Sun.COM><11E86E29-8F33-4690-A5F9-973047108E6F@projectliberty.org> <48602B46.7020304@rogers.com> Message-ID: <1B47D24854C7BC4FA8DA28BEBB59B0BA03927DE1@orsmsx419.amr.corp.intel.com> Re the ID-WSF & WS-* harmonization, I wasn't aware that the scope was just to allow a WSC to obtain security tokens. I believe it is a broader scope of harmonizing the two specification sets. Tony through out some ideas (not that I agree with them all -- no surprise there :-)) and I think there are probably others. The kinds of tasks that I see on the map for that project include: * redefine AS in terms of WS-Trust * redefine SSOS in terms of WS-Trust * redefine IDPS in terms of WS-Trust * Change service metadata definition and EPR definitions to align with WS-Trust, WS-SecurityPolicy and WS-Policy * Examine ID-WSF SOAP Bindings to figure out how other changes need to get merged in. WS-Security and WS-A are already profiled. There's a couple of headers that we've defined that were not clearly supported in WS-* at the time (and my still not be). * Examine ID-WSF Security Mechanisms model the mechanisms in terms of WS-SecurityPolicy * Examine ID-WSF Discovery service and change to support the new service metadata and EPR definitions while also evaluating the functionality itself (I'm not convinced XRDS meets the needs as Tony appears to be cocnvinced of). * Examine other areas of ID-WSF to see what to do about the components that don't appear to have clear overlap -- notably the InteractionService and People Service as well as the SIS (though I think an argument could be made that the SIS specs are out of scope of this effort). As far as use cases, I think the standard operations that are supported by Liberty should be examined as well as any new cases or modifications to those cases that are of interest to the non-liberty players now at the table. My $.02 is that the best way for this stuff to proceed forward is to start with some F2F time so that wee can talk though things with a whiteboard. Trying to do this via email is a royal pain especially when we each bring our own experiences, preferences and interests to the table -- we could waste an awful lot of time sending emails past each other (especially if Tony's around :-)). Conor > -----Original Message----- > From: sig-wsh-bounces at lists.projectliberty.org [mailto:sig-wsh- > bounces at lists.projectliberty.org] On Behalf Of Paul Madsen > Sent: Monday, June 23, 2008 7:01 PM > To: Brett McDowell > Cc: sig-wsh at lists.projectliberty.org; Eve Maler > Subject: Re: [Sig-wsh] Beginning to collect use cases > > the connection I see between the two (somewhat seemingly disconnected) > WSH focus areas is > > a) ID-WSF & WS-* harmonization implies profiling WS-Trust to allow a WSC > to obtain security tokens > b) the above (may) implies separating discovery from token issuance > c) separating discovery from token issuance introduces the possibility > of using different discovery mechanisms, like XRDS > d) some of Andy/John's scenarios (we need a better descriptor) touch on > the above application of XRDS > > paul > > Brett McDowell wrote: > > Thanks Eve for getting this thread started. > > > > Andy or John, are you on this email list (I think you are but consider > > this a test message to that fact)? Could you provide a little context > > around your use-case(s) and how you might expect ID-WSF and WS* > > harmonization to be relevant to supporting your use-case(s)? > > > > -- Brett > > > > On Jun 17, 2008, at 6:57 PM, Eve Maler wrote: > > > > > >> Hi, all. Looks like we've got a "wish sig"! (I'd been hoping for a > >> name like WS-Harmony but this is good too. :-) ) > >> > >> The plan, I believe, is to schedule a telecon for July to ensure we > >> an include various folks once they've returned from vacation. So > >> we've got some time now to get some thoughts on the table if we want > >> to. > >> > >> John Bradley has told me it's okay for me to send out the use case > >> document that Andy Dale put together a week or so ago, so I've > >> attached that below with his accompanying comments. It's always > >> valuable to have something to work off of! I think it's a great > >> start and is, in parts, quite thought-provoking. There's a category > >> of use cases not addressed here that we still need to tackle, which > >> has to do with straight-ahead managed services environments in which > >> both "plain" STS's and ID-WSF services play a big part. I'm hoping > >> to get the okay to send out some stuff that's been previously > >> written on this topic. Stay tuned. > >> > >> Eve > >> > >> ==== > >> Quoth Andy: > >> > >> "I always hate putting out the first document in this type of > >> collaboration as I have no idea what the expectations are and just > >> how far off mark I might be.... However, I do it anyway and that's > >> why we get things done. > >> > >> So if nothing else this doc should give us something to work against > >> and 'correct'. > >> > >> Once we have agreed upon our base set of UseCases I imagine a bunch > >> of 'templates' that get completed for each possible solution. The > >> template will include things like: > >> > >> - Actual user flow description based on this solution (infoCards vs > >> OP redirect, etc...) > >> - What technology each actor would have to deploy for this solution > >> and how many man days it 'might' take to do that. (including client > >> side requirements for end users) > >> - Privacy Profile - How much data is publicly available? Does the > >> user NEED a global ID? Is discovery leaking information? > >> - Complete Sequence diagram of interactions (including resolution > >> and discovery steps). > >> > >> If there is agreement that this is a good direction then I am happy > >> to work on the template and then to complete the template for the > >> pure 'i-names/OpenID' implementations as those are the ones I know > >> the best. > >> > >> PLEASE: if you have a better process/idea... let me know." > >> ==== > >> > >> > >> > >> > >> Eve Maler +1 425 947 4522 > >> Principal Engineer eve.maler @ sun.com > >> Business Alliances group Sun Microsystems, Inc. > >> _______________________________________________ > >> Sig-wsh mailing list > >> Sig-wsh at lists.projectliberty.org > >> http://lists.projectliberty.org/mailman/listinfo/sig- > wsh_lists.projectliberty.org > >> > > > > > > _______________________________________________ > > Sig-wsh mailing list > > Sig-wsh at lists.projectliberty.org > > http://lists.projectliberty.org/mailman/listinfo/sig- > wsh_lists.projectliberty.org > > > > > > > > -- > Paul Madsen e:paulmadsen @ ntt-at.com > NTT p:613-482-0432 > m:613-282-8647 > aim:PaulMdsn5 > web:connectid.blogspot.com > > > _______________________________________________ > Sig-wsh mailing list > Sig-wsh at lists.projectliberty.org > http://lists.projectliberty.org/mailman/listinfo/sig- > wsh_lists.projectliberty.org From drsecure at us.ibm.com Wed Jun 25 06:30:41 2008 From: drsecure at us.ibm.com (Anthony Nadalin) Date: Wed, 25 Jun 2008 08:30:41 -0500 Subject: [Sig-wsh] Beginning to collect use cases In-Reply-To: <1B47D24854C7BC4FA8DA28BEBB59B0BA03927DE1@orsmsx419.amr.corp.intel.com> References: <6D9427F3-30A5-4823-B4C1-A8FDE5DC4F3D@Sun.COM><11E86E29-8F33-4690-A5F9-973047108E6F@projectliberty.org> <48602B46.7020304@rogers.com> <1B47D24854C7BC4FA8DA28BEBB59B0BA03927DE1@orsmsx419.amr.corp.intel.com> Message-ID: It would also be nice if we could also 1. get agreement on service metadata between WS-Federation, SAML, ID-WSF as this would simplify deployments 2. see how we can get agreement on context (security, authorization, etc) 3. maybe some agreement on common claims, attributes Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122 |------------> | From: | |------------> >------------------------------------------------------------------------------------------------------------------------------------------| |"Cahill, Conor P" | >------------------------------------------------------------------------------------------------------------------------------------------| |------------> | To: | |------------> >------------------------------------------------------------------------------------------------------------------------------------------| |"Paul Madsen" , "Brett McDowell" | >------------------------------------------------------------------------------------------------------------------------------------------| |------------> | Cc: | |------------> >------------------------------------------------------------------------------------------------------------------------------------------| |sig-wsh at lists.projectliberty.org, Eve Maler | >------------------------------------------------------------------------------------------------------------------------------------------| |------------> | Date: | |------------> >------------------------------------------------------------------------------------------------------------------------------------------| |06/25/2008 08:06 AM | >------------------------------------------------------------------------------------------------------------------------------------------| |------------> | Subject: | |------------> >------------------------------------------------------------------------------------------------------------------------------------------| |Re: [Sig-wsh] Beginning to collect use cases | >------------------------------------------------------------------------------------------------------------------------------------------| Re the ID-WSF & WS-* harmonization, I wasn't aware that the scope was just to allow a WSC to obtain security tokens. I believe it is a broader scope of harmonizing the two specification sets. Tony through out some ideas (not that I agree with them all -- no surprise there :-)) and I think there are probably others. The kinds of tasks that I see on the map for that project include: * redefine AS in terms of WS-Trust * redefine SSOS in terms of WS-Trust * redefine IDPS in terms of WS-Trust * Change service metadata definition and EPR definitions to align with WS-Trust, WS-SecurityPolicy and WS-Policy * Examine ID-WSF SOAP Bindings to figure out how other changes need to get merged in. WS-Security and WS-A are already profiled. There's a couple of headers that we've defined that were not clearly supported in WS-* at the time (and my still not be). * Examine ID-WSF Security Mechanisms model the mechanisms in terms of WS-SecurityPolicy * Examine ID-WSF Discovery service and change to support the new service metadata and EPR definitions while also evaluating the functionality itself (I'm not convinced XRDS meets the needs as Tony appears to be cocnvinced of). * Examine other areas of ID-WSF to see what to do about the components that don't appear to have clear overlap -- notably the InteractionService and People Service as well as the SIS (though I think an argument could be made that the SIS specs are out of scope of this effort). As far as use cases, I think the standard operations that are supported by Liberty should be examined as well as any new cases or modifications to those cases that are of interest to the non-liberty players now at the table. My $.02 is that the best way for this stuff to proceed forward is to start with some F2F time so that wee can talk though things with a whiteboard. Trying to do this via email is a royal pain especially when we each bring our own experiences, preferences and interests to the table -- we could waste an awful lot of time sending emails past each other (especially if Tony's around :-)). Conor > -----Original Message----- > From: sig-wsh-bounces at lists.projectliberty.org [mailto:sig-wsh- > bounces at lists.projectliberty.org] On Behalf Of Paul Madsen > Sent: Monday, June 23, 2008 7:01 PM > To: Brett McDowell > Cc: sig-wsh at lists.projectliberty.org; Eve Maler > Subject: Re: [Sig-wsh] Beginning to collect use cases > > the connection I see between the two (somewhat seemingly disconnected) > WSH focus areas is > > a) ID-WSF & WS-* harmonization implies profiling WS-Trust to allow a WSC > to obtain security tokens > b) the above (may) implies separating discovery from token issuance > c) separating discovery from token issuance introduces the possibility > of using different discovery mechanisms, like XRDS > d) some of Andy/John's scenarios (we need a better descriptor) touch on > the above application of XRDS > > paul > > Brett McDowell wrote: > > Thanks Eve for getting this thread started. > > > > Andy or John, are you on this email list (I think you are but consider > > this a test message to that fact)? Could you provide a little context > > around your use-case(s) and how you might expect ID-WSF and WS* > > harmonization to be relevant to supporting your use-case(s)? > > > > -- Brett > > > > On Jun 17, 2008, at 6:57 PM, Eve Maler wrote: > > > > > >> Hi, all. Looks like we've got a "wish sig"! (I'd been hoping for a > >> name like WS-Harmony but this is good too. :-) ) > >> > >> The plan, I believe, is to schedule a telecon for July to ensure we > >> an include various folks once they've returned from vacation. So > >> we've got some time now to get some thoughts on the table if we want > >> to. > >> > >> John Bradley has told me it's okay for me to send out the use case > >> document that Andy Dale put together a week or so ago, so I've > >> attached that below with his accompanying comments. It's always > >> valuable to have something to work off of! I think it's a great > >> start and is, in parts, quite thought-provoking. There's a category > >> of use cases not addressed here that we still need to tackle, which > >> has to do with straight-ahead managed services environments in which > >> both "plain" STS's and ID-WSF services play a big part. I'm hoping > >> to get the okay to send out some stuff that's been previously > >> written on this topic. Stay tuned. > >> > >> Eve > >> > >> ==== > >> Quoth Andy: > >> > >> "I always hate putting out the first document in this type of > >> collaboration as I have no idea what the expectations are and just > >> how far off mark I might be.... However, I do it anyway and that's > >> why we get things done. > >> > >> So if nothing else this doc should give us something to work against > >> and 'correct'. > >> > >> Once we have agreed upon our base set of UseCases I imagine a bunch > >> of 'templates' that get completed for each possible solution. The > >> template will include things like: > >> > >> - Actual user flow description based on this solution (infoCards vs > >> OP redirect, etc...) > >> - What technology each actor would have to deploy for this solution > >> and how many man days it 'might' take to do that. (including client > >> side requirements for end users) > >> - Privacy Profile - How much data is publicly available? Does the > >> user NEED a global ID? Is discovery leaking information? > >> - Complete Sequence diagram of interactions (including resolution > >> and discovery steps). > >> > >> If there is agreement that this is a good direction then I am happy > >> to work on the template and then to complete the template for the > >> pure 'i-names/OpenID' implementations as those are the ones I know > >> the best. > >> > >> PLEASE: if you have a better process/idea... let me know." > >> ==== > >> > >> > >> > >> > >> Eve Maler +1 425 947 4522 > >> Principal Engineer eve.maler @ sun.com > >> Business Alliances group Sun Microsystems, Inc. > >> _______________________________________________ > >> Sig-wsh mailing list > >> Sig-wsh at lists.projectliberty.org > >> http://lists.projectliberty.org/mailman/listinfo/sig- > wsh_lists.projectliberty.org > >> > > > > > > _______________________________________________ > > Sig-wsh mailing list > > Sig-wsh at lists.projectliberty.org > > http://lists.projectliberty.org/mailman/listinfo/sig- > wsh_lists.projectliberty.org > > > > > > > > -- > Paul Madsen e:paulmadsen @ ntt-at.com > NTT p:613-482-0432 > m:613-282-8647 > aim:PaulMdsn5 > web:connectid.blogspot.com > > > _______________________________________________ > Sig-wsh mailing list > Sig-wsh at lists.projectliberty.org > http://lists.projectliberty.org/mailman/listinfo/sig- > wsh_lists.projectliberty.org _______________________________________________ Sig-wsh mailing list Sig-wsh at lists.projectliberty.org http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.projectliberty.org/pipermail/sig-wsh_lists.projectliberty.org/attachments/20080625/3ab3c2c9/attachment-0001.html -------------- next part -------------- A non-text attachment was scrubbed... Name: graycol.gif Type: image/gif Size: 105 bytes Desc: not available Url : http://lists.projectliberty.org/pipermail/sig-wsh_lists.projectliberty.org/attachments/20080625/3ab3c2c9/attachment-0002.gif -------------- next part -------------- A non-text attachment was scrubbed... Name: ecblank.gif Type: image/gif Size: 45 bytes Desc: not available Url : http://lists.projectliberty.org/pipermail/sig-wsh_lists.projectliberty.org/attachments/20080625/3ab3c2c9/attachment-0003.gif From paulmadsen at rogers.com Wed Jun 25 09:23:57 2008 From: paulmadsen at rogers.com (Paul Madsen) Date: Wed, 25 Jun 2008 12:23:57 -0400 Subject: [Sig-wsh] Beginning to collect use cases In-Reply-To: References: <6D9427F3-30A5-4823-B4C1-A8FDE5DC4F3D@Sun.COM><11E86E29-8F33-4690-A5F9-973047108E6F@projectliberty.org> <48602B46.7020304@rogers.com> <1B47D24854C7BC4FA8DA28BEBB59B0BA03927DE1@orsmsx419.amr.corp.intel.com> Message-ID: <4862711D.5030406@rogers.com> I'll add privacy policy to the 'wsh list' I agree with Conor that F2F time is needed. Tony, could you let us know your availability so we can plan accordingly (said with love) paul Anthony Nadalin wrote: > > It would also be nice if we could also > > 1. get agreement on service metadata between WS-Federation, SAML, > ID-WSF as this would simplify deployments > 2. see how we can get agreement on context (security, authorization, etc) > 3. maybe some agreement on common claims, attributes > > Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122 > > Inactive hide details for "Cahill, Conor P" ---06/25/2008 08:06:40 > AM---Re the ID-WSF & WS-* harmonization, I wasn't aware that"Cahill, > Conor P" ---06/25/2008 08:06:40 AM---Re the ID-WSF & WS-* > harmonization, I wasn't aware that the scope was > > > From: > "Cahill, Conor P" > > To: > "Paul Madsen" , "Brett McDowell" > > > Cc: > sig-wsh at lists.projectliberty.org, Eve Maler > > Date: > 06/25/2008 08:06 AM > > Subject: > Re: [Sig-wsh] Beginning to collect use cases > > ------------------------------------------------------------------------ > > > > Re the ID-WSF & WS-* harmonization, I wasn't aware that the scope was > just to allow a WSC to obtain security tokens. I believe it is a > broader scope of harmonizing the two specification sets. > > Tony through out some ideas (not that I agree with them all -- no > surprise there :-)) and I think there are probably others. The > kinds of tasks that I see on the map for that project include: > > * redefine AS in terms of WS-Trust > * redefine SSOS in terms of WS-Trust > * redefine IDPS in terms of WS-Trust > * Change service metadata definition and EPR definitions to > align with WS-Trust, WS-SecurityPolicy and WS-Policy > * Examine ID-WSF SOAP Bindings to figure out how other > changes need to get merged in. WS-Security and WS-A > are already profiled. There's a couple of headers that > we've defined that were not clearly supported in WS-* > at the time (and my still not be). > * Examine ID-WSF Security Mechanisms model the > mechanisms in terms of WS-SecurityPolicy > * Examine ID-WSF Discovery service and change to support > the new service metadata and EPR definitions while also > evaluating the functionality itself (I'm not convinced > XRDS meets the needs as Tony appears to be cocnvinced of). > * Examine other areas of ID-WSF to see what to do about > the components that don't appear to have clear overlap > -- notably the InteractionService and People Service as > well as the SIS (though I think an argument could be made > that the SIS specs are out of scope of this effort). > > As far as use cases, I think the standard operations that are supported > by Liberty should be examined as well as any new cases or modifications > to those cases that are of interest to the non-liberty players now at > the table. > > My $.02 is that the best way for this stuff to proceed forward is to > start with some F2F time so that wee can talk though things with > a whiteboard. Trying to do this via email is a royal pain especially > when we each bring our own experiences, preferences and interests to > the table -- we could waste an awful lot of time sending emails past > each other (especially if Tony's around :-)). > > Conor > > > -----Original Message----- > > From: sig-wsh-bounces at lists.projectliberty.org [mailto:sig-wsh- > > bounces at lists.projectliberty.org] On Behalf Of Paul Madsen > > Sent: Monday, June 23, 2008 7:01 PM > > To: Brett McDowell > > Cc: sig-wsh at lists.projectliberty.org; Eve Maler > > Subject: Re: [Sig-wsh] Beginning to collect use cases > > > > the connection I see between the two (somewhat seemingly disconnected) > > WSH focus areas is > > > > a) ID-WSF & WS-* harmonization implies profiling WS-Trust to allow a > WSC > > to obtain security tokens > > b) the above (may) implies separating discovery from token issuance > > c) separating discovery from token issuance introduces the possibility > > of using different discovery mechanisms, like XRDS > > d) some of Andy/John's scenarios (we need a better descriptor) touch > on > > the above application of XRDS > > > > paul > > > > Brett McDowell wrote: > > > Thanks Eve for getting this thread started. > > > > > > Andy or John, are you on this email list (I think you are but > consider > > > this a test message to that fact)? Could you provide a little > context > > > around your use-case(s) and how you might expect ID-WSF and WS* > > > harmonization to be relevant to supporting your use-case(s)? > > > > > > -- Brett > > > > > > On Jun 17, 2008, at 6:57 PM, Eve Maler wrote: > > > > > > > > >> Hi, all. Looks like we've got a "wish sig"! (I'd been hoping for > a > > >> name like WS-Harmony but this is good too. :-) ) > > >> > > >> The plan, I believe, is to schedule a telecon for July to ensure we > > >> an include various folks once they've returned from vacation. So > > >> we've got some time now to get some thoughts on the table if we > want > > >> to. > > >> > > >> John Bradley has told me it's okay for me to send out the use case > > >> document that Andy Dale put together a week or so ago, so I've > > >> attached that below with his accompanying comments. It's always > > >> valuable to have something to work off of! I think it's a great > > >> start and is, in parts, quite thought-provoking. There's a > category > > >> of use cases not addressed here that we still need to tackle, which > > >> has to do with straight-ahead managed services environments in > which > > >> both "plain" STS's and ID-WSF services play a big part. I'm hoping > > >> to get the okay to send out some stuff that's been previously > > >> written on this topic. Stay tuned. > > >> > > >> Eve > > >> > > >> ==== > > >> Quoth Andy: > > >> > > >> "I always hate putting out the first document in this type of > > >> collaboration as I have no idea what the expectations are and just > > >> how far off mark I might be.... However, I do it anyway and that's > > >> why we get things done. > > >> > > >> So if nothing else this doc should give us something to work > against > > >> and 'correct'. > > >> > > >> Once we have agreed upon our base set of UseCases I imagine a bunch > > >> of 'templates' that get completed for each possible solution. The > > >> template will include things like: > > >> > > >> - Actual user flow description based on this solution (infoCards vs > > >> OP redirect, etc...) > > >> - What technology each actor would have to deploy for this solution > > >> and how many man days it 'might' take to do that. (including client > > >> side requirements for end users) > > >> - Privacy Profile - How much data is publicly available? Does the > > >> user NEED a global ID? Is discovery leaking information? > > >> - Complete Sequence diagram of interactions (including resolution > > >> and discovery steps). > > >> > > >> If there is agreement that this is a good direction then I am happy > > >> to work on the template and then to complete the template for the > > >> pure 'i-names/OpenID' implementations as those are the ones I know > > >> the best. > > >> > > >> PLEASE: if you have a better process/idea... let me know." > > >> ==== > > >> > > >> > > >> > > >> > > >> Eve Maler +1 425 947 4522 > > >> Principal Engineer eve.maler @ sun.com > > >> Business Alliances group Sun Microsystems, Inc. > > >> _______________________________________________ > > >> Sig-wsh mailing list > > >> Sig-wsh at lists.projectliberty.org > > >> http://lists.projectliberty.org/mailman/listinfo/sig- > > wsh_lists.projectliberty.org > > >> > > > > > > > > > _______________________________________________ > > > Sig-wsh mailing list > > > Sig-wsh at lists.projectliberty.org > > > http://lists.projectliberty.org/mailman/listinfo/sig- > > wsh_lists.projectliberty.org > > > > > > > > > > > > > -- > > Paul Madsen e:paulmadsen @ ntt-at.com > > NTT p:613-482-0432 > > m:613-282-8647 > > aim:PaulMdsn5 > > web:connectid.blogspot.com > > > > > > _______________________________________________ > > Sig-wsh mailing list > > Sig-wsh at lists.projectliberty.org > > http://lists.projectliberty.org/mailman/listinfo/sig- > > wsh_lists.projectliberty.org > > _______________________________________________ > Sig-wsh mailing list > Sig-wsh at lists.projectliberty.org > http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org > > ------------------------------------------------------------------------ > > No virus found in this incoming message. > Checked by AVG. > Version: 7.5.524 / Virus Database: 270.4.1/1518 - Release Date: 25/06/2008 9:46 AM > -- Paul Madsen e:paulmadsen @ ntt-at.com NTT p:613-482-0432 m:613-282-8647 aim:PaulMdsn5 web:connectid.blogspot.com From brett at projectliberty.org Wed Jun 25 09:40:10 2008 From: brett at projectliberty.org (Brett McDowell) Date: Wed, 25 Jun 2008 12:40:10 -0400 Subject: [Sig-wsh] Beginning to collect use cases In-Reply-To: <4862711D.5030406@rogers.com> References: <6D9427F3-30A5-4823-B4C1-A8FDE5DC4F3D@Sun.COM> <11E86E29-8F33-4690-A5F9-973047108E6F@projectliberty.org> <48602B46.7020304@rogers.com> <1B47D24854C7BC4FA8DA28BEBB59B0BA03927DE1@orsmsx419.amr.corp.intel.com> <4862711D.5030406@rogers.com> Message-ID: <8598D789-26E4-4394-96CB-95AB9008C90A@projectliberty.org> (Just in case there is anyone on this list or reading the archive who doesn't have a personal history with this crowd, I just want to point out that Conor, Paul, and Tony have worked together for years and I would characterize this banter as both typical and good natured.) As for the face-to-face... summers are really tough. Maybe we can start by soliciting vacation schedules and collectively pick a window when a critical mass of key participants are NOT on vacation. Since Don is just getting back from vacation in early July I'll assume he's not on vacation again this summer (if he is I want a job with Microsoft :-) I am not a critical participant so won't bother sharing my schedule. I think everyone else who's chimed in so far is and there are more of you still lurking. Can you each share your vacation/outage schedules so we can begin the fun process of finding a face-to-face time and location this summer? --Brett On Jun 25, 2008, at 12:23 PM, Paul Madsen wrote: > I'll add privacy policy to the 'wsh list' > > I agree with Conor that F2F time is needed. Tony, could you let us > know your availability so we can plan accordingly (said with love) > > paul > > Anthony Nadalin wrote: >> >> It would also be nice if we could also >> >> 1. get agreement on service metadata between WS-Federation, SAML, >> ID-WSF as this would simplify deployments >> 2. see how we can get agreement on context (security, >> authorization, etc) >> 3. maybe some agreement on common claims, attributes >> >> Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122 >> >> Inactive hide details for "Cahill, Conor P" ---06/25/2008 08:06:40 >> AM---Re the ID-WSF & WS-* harmonization, I wasn't aware >> that"Cahill, Conor P" ---06/25/2008 08:06:40 AM---Re the ID-WSF & >> WS-* harmonization, I wasn't aware that the scope was >> >> >> From: >> "Cahill, Conor P" >> >> To: >> "Paul Madsen" , "Brett McDowell" > > >> >> Cc: >> sig-wsh at lists.projectliberty.org, Eve Maler >> >> Date: >> 06/25/2008 08:06 AM >> >> Subject: >> Re: [Sig-wsh] Beginning to collect use cases >> >> ------------------------------------------------------------------------ >> >> >> >> Re the ID-WSF & WS-* harmonization, I wasn't aware that the scope was >> just to allow a WSC to obtain security tokens. I believe it is a >> broader scope of harmonizing the two specification sets. >> >> Tony through out some ideas (not that I agree with them all -- no >> surprise there :-)) and I think there are probably others. The >> kinds of tasks that I see on the map for that project include: >> >> * redefine AS in terms of WS-Trust >> * redefine SSOS in terms of WS-Trust >> * redefine IDPS in terms of WS-Trust >> * Change service metadata definition and EPR definitions to >> align with WS-Trust, WS-SecurityPolicy and WS-Policy >> * Examine ID-WSF SOAP Bindings to figure out how other >> changes need to get merged in. WS-Security and WS-A >> are already profiled. There's a couple of headers that >> we've defined that were not clearly supported in WS-* >> at the time (and my still not be). >> * Examine ID-WSF Security Mechanisms model the >> mechanisms in terms of WS-SecurityPolicy >> * Examine ID-WSF Discovery service and change to support >> the new service metadata and EPR definitions while also >> evaluating the functionality itself (I'm not convinced >> XRDS meets the needs as Tony appears to be cocnvinced of). >> * Examine other areas of ID-WSF to see what to do about >> the components that don't appear to have clear overlap >> -- notably the InteractionService and People Service as >> well as the SIS (though I think an argument could be made >> that the SIS specs are out of scope of this effort). >> >> As far as use cases, I think the standard operations that are >> supported >> by Liberty should be examined as well as any new cases or >> modifications >> to those cases that are of interest to the non-liberty players now at >> the table. >> >> My $.02 is that the best way for this stuff to proceed forward is to >> start with some F2F time so that wee can talk though things with >> a whiteboard. Trying to do this via email is a royal pain especially >> when we each bring our own experiences, preferences and interests to >> the table -- we could waste an awful lot of time sending emails past >> each other (especially if Tony's around :-)). >> >> Conor >> >> > -----Original Message----- >> > From: sig-wsh-bounces at lists.projectliberty.org [mailto:sig-wsh- >> > bounces at lists.projectliberty.org] On Behalf Of Paul Madsen >> > Sent: Monday, June 23, 2008 7:01 PM >> > To: Brett McDowell >> > Cc: sig-wsh at lists.projectliberty.org; Eve Maler >> > Subject: Re: [Sig-wsh] Beginning to collect use cases >> > >> > the connection I see between the two (somewhat seemingly >> disconnected) >> > WSH focus areas is >> > >> > a) ID-WSF & WS-* harmonization implies profiling WS-Trust to >> allow a >> WSC >> > to obtain security tokens >> > b) the above (may) implies separating discovery from token issuance >> > c) separating discovery from token issuance introduces the >> possibility >> > of using different discovery mechanisms, like XRDS >> > d) some of Andy/John's scenarios (we need a better descriptor) >> touch >> on >> > the above application of XRDS >> > >> > paul >> > >> > Brett McDowell wrote: >> > > Thanks Eve for getting this thread started. >> > > >> > > Andy or John, are you on this email list (I think you are but >> consider >> > > this a test message to that fact)? Could you provide a little >> context >> > > around your use-case(s) and how you might expect ID-WSF and WS* >> > > harmonization to be relevant to supporting your use-case(s)? >> > > >> > > -- Brett >> > > >> > > On Jun 17, 2008, at 6:57 PM, Eve Maler wrote: >> > > >> > > >> > >> Hi, all. Looks like we've got a "wish sig"! (I'd been hoping >> for >> a >> > >> name like WS-Harmony but this is good too. :-) ) >> > >> >> > >> The plan, I believe, is to schedule a telecon for July to >> ensure we >> > >> an include various folks once they've returned from vacation. >> So >> > >> we've got some time now to get some thoughts on the table if we >> want >> > >> to. >> > >> >> > >> John Bradley has told me it's okay for me to send out the use >> case >> > >> document that Andy Dale put together a week or so ago, so I've >> > >> attached that below with his accompanying comments. It's always >> > >> valuable to have something to work off of! I think it's a great >> > >> start and is, in parts, quite thought-provoking. There's a >> category >> > >> of use cases not addressed here that we still need to tackle, >> which >> > >> has to do with straight-ahead managed services environments in >> which >> > >> both "plain" STS's and ID-WSF services play a big part. I'm >> hoping >> > >> to get the okay to send out some stuff that's been previously >> > >> written on this topic. Stay tuned. >> > >> >> > >> Eve >> > >> >> > >> ==== >> > >> Quoth Andy: >> > >> >> > >> "I always hate putting out the first document in this type of >> > >> collaboration as I have no idea what the expectations are and >> just >> > >> how far off mark I might be.... However, I do it anyway and >> that's >> > >> why we get things done. >> > >> >> > >> So if nothing else this doc should give us something to work >> against >> > >> and 'correct'. >> > >> >> > >> Once we have agreed upon our base set of UseCases I imagine a >> bunch >> > >> of 'templates' that get completed for each possible solution. >> The >> > >> template will include things like: >> > >> >> > >> - Actual user flow description based on this solution >> (infoCards vs >> > >> OP redirect, etc...) >> > >> - What technology each actor would have to deploy for this >> solution >> > >> and how many man days it 'might' take to do that. (including >> client >> > >> side requirements for end users) >> > >> - Privacy Profile - How much data is publicly available? Does >> the >> > >> user NEED a global ID? Is discovery leaking information? >> > >> - Complete Sequence diagram of interactions (including >> resolution >> > >> and discovery steps). >> > >> >> > >> If there is agreement that this is a good direction then I am >> happy >> > >> to work on the template and then to complete the template for >> the >> > >> pure 'i-names/OpenID' implementations as those are the ones I >> know >> > >> the best. >> > >> >> > >> PLEASE: if you have a better process/idea... let me know." >> > >> ==== >> > >> >> > >> >> > >> >> > >> >> > >> Eve Maler +1 425 947 >> 4522 >> > >> Principal Engineer eve.maler @ >> sun.com >> > >> Business Alliances group Sun Microsystems, >> Inc. >> > >> _______________________________________________ >> > >> Sig-wsh mailing list >> > >> Sig-wsh at lists.projectliberty.org >> > >> http://lists.projectliberty.org/mailman/listinfo/sig- >> > wsh_lists.projectliberty.org >> > >> >> > > >> > > >> > > _______________________________________________ >> > > Sig-wsh mailing list >> > > Sig-wsh at lists.projectliberty.org >> > > http://lists.projectliberty.org/mailman/listinfo/sig- >> > wsh_lists.projectliberty.org >> > > >> > > >> > > >> > >> > -- >> > Paul Madsen e:paulmadsen @ ntt-at.com >> > NTT p:613-482-0432 >> > m:613-282-8647 >> > aim:PaulMdsn5 >> > web:connectid.blogspot.com >> > >> > >> > _______________________________________________ >> > Sig-wsh mailing list >> > Sig-wsh at lists.projectliberty.org >> > http://lists.projectliberty.org/mailman/listinfo/sig- >> > wsh_lists.projectliberty.org >> >> _______________________________________________ >> Sig-wsh mailing list >> Sig-wsh at lists.projectliberty.org >> http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org >> >> ------------------------------------------------------------------------ >> >> No virus found in this incoming message. >> Checked by AVG. Version: 7.5.524 / Virus Database: 270.4.1/1518 - >> Release Date: 25/06/2008 9:46 AM >> > > -- > Paul Madsen e:paulmadsen @ ntt-at.com > NTT p:613-482-0432 > m:613-282-8647 > aim:PaulMdsn5 > web:connectid.blogspot.com From drsecure at us.ibm.com Wed Jun 25 10:19:07 2008 From: drsecure at us.ibm.com (Anthony Nadalin) Date: Wed, 25 Jun 2008 12:19:07 -0500 Subject: [Sig-wsh] Beginning to collect use cases In-Reply-To: <4862711D.5030406@rogers.com> References: <6D9427F3-30A5-4823-B4C1-A8FDE5DC4F3D@Sun.COM><11E86E29-8F33-4690-A5F9-973047108E6F@projectliberty.org> <48602B46.7020304@rogers.com> <1B47D24854C7BC4FA8DA28BEBB59B0BA03927DE1@orsmsx419.amr.corp.intel.com> <4862711D.5030406@rogers.com> Message-ID: Can you give a general idea of time frame, June, July, August ? Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122 |------------> | From: | |------------> >------------------------------------------------------------------------------------------------------------------------------------------| |Paul Madsen | >------------------------------------------------------------------------------------------------------------------------------------------| |------------> | To: | |------------> >------------------------------------------------------------------------------------------------------------------------------------------| |Anthony Nadalin/Austin/IBM at IBMUS | >------------------------------------------------------------------------------------------------------------------------------------------| |------------> | Cc: | |------------> >------------------------------------------------------------------------------------------------------------------------------------------| |"Cahill, Conor P" , Brett McDowell , Eve Maler , | |sig-wsh at lists.projectliberty.org, sig-wsh-bounces at lists.projectliberty.org | >------------------------------------------------------------------------------------------------------------------------------------------| |------------> | Date: | |------------> >------------------------------------------------------------------------------------------------------------------------------------------| |06/25/2008 11:24 AM | >------------------------------------------------------------------------------------------------------------------------------------------| |------------> | Subject: | |------------> >------------------------------------------------------------------------------------------------------------------------------------------| |Re: [Sig-wsh] Beginning to collect use cases | >------------------------------------------------------------------------------------------------------------------------------------------| I'll add privacy policy to the 'wsh list' I agree with Conor that F2F time is needed. Tony, could you let us know your availability so we can plan accordingly (said with love) paul Anthony Nadalin wrote: > > It would also be nice if we could also > > 1. get agreement on service metadata between WS-Federation, SAML, > ID-WSF as this would simplify deployments > 2. see how we can get agreement on context (security, authorization, etc) > 3. maybe some agreement on common claims, attributes > > Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122 > > Inactive hide details for "Cahill, Conor P" ---06/25/2008 08:06:40 > AM---Re the ID-WSF & WS-* harmonization, I wasn't aware that"Cahill, > Conor P" ---06/25/2008 08:06:40 AM---Re the ID-WSF & WS-* > harmonization, I wasn't aware that the scope was > > > From: > "Cahill, Conor P" > > To: > "Paul Madsen" , "Brett McDowell" > > > Cc: > sig-wsh at lists.projectliberty.org, Eve Maler > > Date: > 06/25/2008 08:06 AM > > Subject: > Re: [Sig-wsh] Beginning to collect use cases > > ------------------------------------------------------------------------ > > > > Re the ID-WSF & WS-* harmonization, I wasn't aware that the scope was > just to allow a WSC to obtain security tokens. I believe it is a > broader scope of harmonizing the two specification sets. > > Tony through out some ideas (not that I agree with them all -- no > surprise there :-)) and I think there are probably others. The > kinds of tasks that I see on the map for that project include: > > * redefine AS in terms of WS-Trust > * redefine SSOS in terms of WS-Trust > * redefine IDPS in terms of WS-Trust > * Change service metadata definition and EPR definitions to > align with WS-Trust, WS-SecurityPolicy and WS-Policy > * Examine ID-WSF SOAP Bindings to figure out how other > changes need to get merged in. WS-Security and WS-A > are already profiled. There's a couple of headers that > we've defined that were not clearly supported in WS-* > at the time (and my still not be). > * Examine ID-WSF Security Mechanisms model the > mechanisms in terms of WS-SecurityPolicy > * Examine ID-WSF Discovery service and change to support > the new service metadata and EPR definitions while also > evaluating the functionality itself (I'm not convinced > XRDS meets the needs as Tony appears to be cocnvinced of). > * Examine other areas of ID-WSF to see what to do about > the components that don't appear to have clear overlap > -- notably the InteractionService and People Service as > well as the SIS (though I think an argument could be made > that the SIS specs are out of scope of this effort). > > As far as use cases, I think the standard operations that are supported > by Liberty should be examined as well as any new cases or modifications > to those cases that are of interest to the non-liberty players now at > the table. > > My $.02 is that the best way for this stuff to proceed forward is to > start with some F2F time so that wee can talk though things with > a whiteboard. Trying to do this via email is a royal pain especially > when we each bring our own experiences, preferences and interests to > the table -- we could waste an awful lot of time sending emails past > each other (especially if Tony's around :-)). > > Conor > > > -----Original Message----- > > From: sig-wsh-bounces at lists.projectliberty.org [mailto:sig-wsh- > > bounces at lists.projectliberty.org] On Behalf Of Paul Madsen > > Sent: Monday, June 23, 2008 7:01 PM > > To: Brett McDowell > > Cc: sig-wsh at lists.projectliberty.org; Eve Maler > > Subject: Re: [Sig-wsh] Beginning to collect use cases > > > > the connection I see between the two (somewhat seemingly disconnected) > > WSH focus areas is > > > > a) ID-WSF & WS-* harmonization implies profiling WS-Trust to allow a > WSC > > to obtain security tokens > > b) the above (may) implies separating discovery from token issuance > > c) separating discovery from token issuance introduces the possibility > > of using different discovery mechanisms, like XRDS > > d) some of Andy/John's scenarios (we need a better descriptor) touch > on > > the above application of XRDS > > > > paul > > > > Brett McDowell wrote: > > > Thanks Eve for getting this thread started. > > > > > > Andy or John, are you on this email list (I think you are but > consider > > > this a test message to that fact)? Could you provide a little > context > > > around your use-case(s) and how you might expect ID-WSF and WS* > > > harmonization to be relevant to supporting your use-case(s)? > > > > > > -- Brett > > > > > > On Jun 17, 2008, at 6:57 PM, Eve Maler wrote: > > > > > > > > >> Hi, all. Looks like we've got a "wish sig"! (I'd been hoping for > a > > >> name like WS-Harmony but this is good too. :-) ) > > >> > > >> The plan, I believe, is to schedule a telecon for July to ensure we > > >> an include various folks once they've returned from vacation. So > > >> we've got some time now to get some thoughts on the table if we > want > > >> to. > > >> > > >> John Bradley has told me it's okay for me to send out the use case > > >> document that Andy Dale put together a week or so ago, so I've > > >> attached that below with his accompanying comments. It's always > > >> valuable to have something to work off of! I think it's a great > > >> start and is, in parts, quite thought-provoking. There's a > category > > >> of use cases not addressed here that we still need to tackle, which > > >> has to do with straight-ahead managed services environments in > which > > >> both "plain" STS's and ID-WSF services play a big part. I'm hoping > > >> to get the okay to send out some stuff that's been previously > > >> written on this topic. Stay tuned. > > >> > > >> Eve > > >> > > >> ==== > > >> Quoth Andy: > > >> > > >> "I always hate putting out the first document in this type of > > >> collaboration as I have no idea what the expectations are and just > > >> how far off mark I might be.... However, I do it anyway and that's > > >> why we get things done. > > >> > > >> So if nothing else this doc should give us something to work > against > > >> and 'correct'. > > >> > > >> Once we have agreed upon our base set of UseCases I imagine a bunch > > >> of 'templates' that get completed for each possible solution. The > > >> template will include things like: > > >> > > >> - Actual user flow description based on this solution (infoCards vs > > >> OP redirect, etc...) > > >> - What technology each actor would have to deploy for this solution > > >> and how many man days it 'might' take to do that. (including client > > >> side requirements for end users) > > >> - Privacy Profile - How much data is publicly available? Does the > > >> user NEED a global ID? Is discovery leaking information? > > >> - Complete Sequence diagram of interactions (including resolution > > >> and discovery steps). > > >> > > >> If there is agreement that this is a good direction then I am happy > > >> to work on the template and then to complete the template for the > > >> pure 'i-names/OpenID' implementations as those are the ones I know > > >> the best. > > >> > > >> PLEASE: if you have a better process/idea... let me know." > > >> ==== > > >> > > >> > > >> > > >> > > >> Eve Maler +1 425 947 4522 > > >> Principal Engineer eve.maler @ sun.com > > >> Business Alliances group Sun Microsystems, Inc. > > >> _______________________________________________ > > >> Sig-wsh mailing list > > >> Sig-wsh at lists.projectliberty.org > > >> http://lists.projectliberty.org/mailman/listinfo/sig- > > wsh_lists.projectliberty.org > > >> > > > > > > > > > _______________________________________________ > > > Sig-wsh mailing list > > > Sig-wsh at lists.projectliberty.org > > > http://lists.projectliberty.org/mailman/listinfo/sig- > > wsh_lists.projectliberty.org > > > > > > > > > > > > > -- > > Paul Madsen e:paulmadsen @ ntt-at.com > > NTT p:613-482-0432 > > m:613-282-8647 > > aim:PaulMdsn5 > > web:connectid.blogspot.com > > > > > > _______________________________________________ > > Sig-wsh mailing list > > Sig-wsh at lists.projectliberty.org > > http://lists.projectliberty.org/mailman/listinfo/sig- > > wsh_lists.projectliberty.org > > _______________________________________________ > Sig-wsh mailing list > Sig-wsh at lists.projectliberty.org > http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org > > ------------------------------------------------------------------------ > > No virus found in this incoming message. > Checked by AVG. > Version: 7.5.524 / Virus Database: 270.4.1/1518 - Release Date: 25/06/2008 9:46 AM > -- Paul Madsen e:paulmadsen @ ntt-at.com NTT p:613-482-0432 m:613-282-8647 aim:PaulMdsn5 web:connectid.blogspot.com -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.projectliberty.org/pipermail/sig-wsh_lists.projectliberty.org/attachments/20080625/4a7d0c5b/attachment-0001.html -------------- next part -------------- A non-text attachment was scrubbed... Name: graycol.gif Type: image/gif Size: 105 bytes Desc: not available Url : http://lists.projectliberty.org/pipermail/sig-wsh_lists.projectliberty.org/attachments/20080625/4a7d0c5b/attachment-0002.gif -------------- next part -------------- A non-text attachment was scrubbed... Name: ecblank.gif Type: image/gif Size: 45 bytes Desc: not available Url : http://lists.projectliberty.org/pipermail/sig-wsh_lists.projectliberty.org/attachments/20080625/4a7d0c5b/attachment-0003.gif From conor.p.cahill at intel.com Wed Jun 25 10:40:18 2008 From: conor.p.cahill at intel.com (Cahill, Conor P) Date: Wed, 25 Jun 2008 10:40:18 -0700 Subject: [Sig-wsh] Beginning to collect use cases In-Reply-To: <8598D789-26E4-4394-96CB-95AB9008C90A@projectliberty.org> References: <6D9427F3-30A5-4823-B4C1-A8FDE5DC4F3D@Sun.COM> <11E86E29-8F33-4690-A5F9-973047108E6F@projectliberty.org> <48602B46.7020304@rogers.com> <1B47D24854C7BC4FA8DA28BEBB59B0BA03927DE1@orsmsx419.amr.corp.intel.com> <4862711D.5030406@rogers.com> <8598D789-26E4-4394-96CB-95AB9008C90A@projectliberty.org> Message-ID: <1B47D24854C7BC4FA8DA28BEBB59B0BA03927FE0@orsmsx419.amr.corp.intel.com> I'm pretty much gone through the end of July (lots of work, some vacation). Conor > -----Original Message----- > From: Brett McDowell [mailto:brett at ictprojects.com] On Behalf Of Brett > McDowell > Sent: Wednesday, June 25, 2008 12:40 PM > To: Paul Madsen > Cc: Anthony Nadalin; Cahill, Conor P; Eve Maler; sig- > wsh at lists.projectliberty.org; sig-wsh-bounces at lists.projectliberty.org > Subject: Re: [Sig-wsh] Beginning to collect use cases > > (Just in case there is anyone on this list or reading the archive who > doesn't have a personal history with this crowd, I just want to point > out that Conor, Paul, and Tony have worked together for years and I > would characterize this banter as both typical and good natured.) > > As for the face-to-face... summers are really tough. Maybe we can > start by soliciting vacation schedules and collectively pick a window > when a critical mass of key participants are NOT on vacation. Since > Don is just getting back from vacation in early July I'll assume he's > not on vacation again this summer (if he is I want a job with > Microsoft :-) > > I am not a critical participant so won't bother sharing my schedule. > I think everyone else who's chimed in so far is and there are more of > you still lurking. Can you each share your vacation/outage schedules > so we can begin the fun process of finding a face-to-face time and > location this summer? > > --Brett > > On Jun 25, 2008, at 12:23 PM, Paul Madsen wrote: > > > I'll add privacy policy to the 'wsh list' > > > > I agree with Conor that F2F time is needed. Tony, could you let us > > know your availability so we can plan accordingly (said with love) > > > > paul > > > > Anthony Nadalin wrote: > >> > >> It would also be nice if we could also > >> > >> 1. get agreement on service metadata between WS-Federation, SAML, > >> ID-WSF as this would simplify deployments > >> 2. see how we can get agreement on context (security, > >> authorization, etc) > >> 3. maybe some agreement on common claims, attributes > >> > >> Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122 > >> > >> Inactive hide details for "Cahill, Conor P" ---06/25/2008 08:06:40 > >> AM---Re the ID-WSF & WS-* harmonization, I wasn't aware > >> that"Cahill, Conor P" ---06/25/2008 08:06:40 AM---Re the ID-WSF & > >> WS-* harmonization, I wasn't aware that the scope was > >> > >> > >> From: > >> "Cahill, Conor P" > >> > >> To: > >> "Paul Madsen" , "Brett McDowell" > >> > > >> > >> Cc: > >> sig-wsh at lists.projectliberty.org, Eve Maler > >> > >> Date: > >> 06/25/2008 08:06 AM > >> > >> Subject: > >> Re: [Sig-wsh] Beginning to collect use cases > >> > >> ----------------------------------------------------------------------- > - > >> > >> > >> > >> Re the ID-WSF & WS-* harmonization, I wasn't aware that the scope was > >> just to allow a WSC to obtain security tokens. I believe it is a > >> broader scope of harmonizing the two specification sets. > >> > >> Tony through out some ideas (not that I agree with them all -- no > >> surprise there :-)) and I think there are probably others. The > >> kinds of tasks that I see on the map for that project include: > >> > >> * redefine AS in terms of WS-Trust > >> * redefine SSOS in terms of WS-Trust > >> * redefine IDPS in terms of WS-Trust > >> * Change service metadata definition and EPR definitions to > >> align with WS-Trust, WS-SecurityPolicy and WS-Policy > >> * Examine ID-WSF SOAP Bindings to figure out how other > >> changes need to get merged in. WS-Security and WS-A > >> are already profiled. There's a couple of headers that > >> we've defined that were not clearly supported in WS-* > >> at the time (and my still not be). > >> * Examine ID-WSF Security Mechanisms model the > >> mechanisms in terms of WS-SecurityPolicy > >> * Examine ID-WSF Discovery service and change to support > >> the new service metadata and EPR definitions while also > >> evaluating the functionality itself (I'm not convinced > >> XRDS meets the needs as Tony appears to be cocnvinced of). > >> * Examine other areas of ID-WSF to see what to do about > >> the components that don't appear to have clear overlap > >> -- notably the InteractionService and People Service as > >> well as the SIS (though I think an argument could be made > >> that the SIS specs are out of scope of this effort). > >> > >> As far as use cases, I think the standard operations that are > >> supported > >> by Liberty should be examined as well as any new cases or > >> modifications > >> to those cases that are of interest to the non-liberty players now at > >> the table. > >> > >> My $.02 is that the best way for this stuff to proceed forward is to > >> start with some F2F time so that wee can talk though things with > >> a whiteboard. Trying to do this via email is a royal pain especially > >> when we each bring our own experiences, preferences and interests to > >> the table -- we could waste an awful lot of time sending emails past > >> each other (especially if Tony's around :-)). > >> > >> Conor > >> > >> > -----Original Message----- > >> > From: sig-wsh-bounces at lists.projectliberty.org [mailto:sig-wsh- > >> > bounces at lists.projectliberty.org] On Behalf Of Paul Madsen > >> > Sent: Monday, June 23, 2008 7:01 PM > >> > To: Brett McDowell > >> > Cc: sig-wsh at lists.projectliberty.org; Eve Maler > >> > Subject: Re: [Sig-wsh] Beginning to collect use cases > >> > > >> > the connection I see between the two (somewhat seemingly > >> disconnected) > >> > WSH focus areas is > >> > > >> > a) ID-WSF & WS-* harmonization implies profiling WS-Trust to > >> allow a > >> WSC > >> > to obtain security tokens > >> > b) the above (may) implies separating discovery from token issuance > >> > c) separating discovery from token issuance introduces the > >> possibility > >> > of using different discovery mechanisms, like XRDS > >> > d) some of Andy/John's scenarios (we need a better descriptor) > >> touch > >> on > >> > the above application of XRDS > >> > > >> > paul > >> > > >> > Brett McDowell wrote: > >> > > Thanks Eve for getting this thread started. > >> > > > >> > > Andy or John, are you on this email list (I think you are but > >> consider > >> > > this a test message to that fact)? Could you provide a little > >> context > >> > > around your use-case(s) and how you might expect ID-WSF and WS* > >> > > harmonization to be relevant to supporting your use-case(s)? > >> > > > >> > > -- Brett > >> > > > >> > > On Jun 17, 2008, at 6:57 PM, Eve Maler wrote: > >> > > > >> > > > >> > >> Hi, all. Looks like we've got a "wish sig"! (I'd been hoping > >> for > >> a > >> > >> name like WS-Harmony but this is good too. :-) ) > >> > >> > >> > >> The plan, I believe, is to schedule a telecon for July to > >> ensure we > >> > >> an include various folks once they've returned from vacation. > >> So > >> > >> we've got some time now to get some thoughts on the table if we > >> want > >> > >> to. > >> > >> > >> > >> John Bradley has told me it's okay for me to send out the use > >> case > >> > >> document that Andy Dale put together a week or so ago, so I've > >> > >> attached that below with his accompanying comments. It's always > >> > >> valuable to have something to work off of! I think it's a great > >> > >> start and is, in parts, quite thought-provoking. There's a > >> category > >> > >> of use cases not addressed here that we still need to tackle, > >> which > >> > >> has to do with straight-ahead managed services environments in > >> which > >> > >> both "plain" STS's and ID-WSF services play a big part. I'm > >> hoping > >> > >> to get the okay to send out some stuff that's been previously > >> > >> written on this topic. Stay tuned. > >> > >> > >> > >> Eve > >> > >> > >> > >> ==== > >> > >> Quoth Andy: > >> > >> > >> > >> "I always hate putting out the first document in this type of > >> > >> collaboration as I have no idea what the expectations are and > >> just > >> > >> how far off mark I might be.... However, I do it anyway and > >> that's > >> > >> why we get things done. > >> > >> > >> > >> So if nothing else this doc should give us something to work > >> against > >> > >> and 'correct'. > >> > >> > >> > >> Once we have agreed upon our base set of UseCases I imagine a > >> bunch > >> > >> of 'templates' that get completed for each possible solution. > >> The > >> > >> template will include things like: > >> > >> > >> > >> - Actual user flow description based on this solution > >> (infoCards vs > >> > >> OP redirect, etc...) > >> > >> - What technology each actor would have to deploy for this > >> solution > >> > >> and how many man days it 'might' take to do that. (including > >> client > >> > >> side requirements for end users) > >> > >> - Privacy Profile - How much data is publicly available? Does > >> the > >> > >> user NEED a global ID? Is discovery leaking information? > >> > >> - Complete Sequence diagram of interactions (including > >> resolution > >> > >> and discovery steps). > >> > >> > >> > >> If there is agreement that this is a good direction then I am > >> happy > >> > >> to work on the template and then to complete the template for > >> the > >> > >> pure 'i-names/OpenID' implementations as those are the ones I > >> know > >> > >> the best. > >> > >> > >> > >> PLEASE: if you have a better process/idea... let me know." > >> > >> ==== > >> > >> > >> > >> > >> > >> > >> > >> > >> > >> Eve Maler +1 425 947 > >> 4522 > >> > >> Principal Engineer eve.maler @ > >> sun.com > >> > >> Business Alliances group Sun Microsystems, > >> Inc. > >> > >> _______________________________________________ > >> > >> Sig-wsh mailing list > >> > >> Sig-wsh at lists.projectliberty.org > >> > >> http://lists.projectliberty.org/mailman/listinfo/sig- > >> > wsh_lists.projectliberty.org > >> > >> > >> > > > >> > > > >> > > _______________________________________________ > >> > > Sig-wsh mailing list > >> > > Sig-wsh at lists.projectliberty.org > >> > > http://lists.projectliberty.org/mailman/listinfo/sig- > >> > wsh_lists.projectliberty.org > >> > > > >> > > > >> > > > >> > > >> > -- > >> > Paul Madsen e:paulmadsen @ ntt-at.com > >> > NTT p:613-482-0432 > >> > m:613-282-8647 > >> > aim:PaulMdsn5 > >> > web:connectid.blogspot.com > >> > > >> > > >> > _______________________________________________ > >> > Sig-wsh mailing list > >> > Sig-wsh at lists.projectliberty.org > >> > http://lists.projectliberty.org/mailman/listinfo/sig- > >> > wsh_lists.projectliberty.org > >> > >> _______________________________________________ > >> Sig-wsh mailing list > >> Sig-wsh at lists.projectliberty.org > >> http://lists.projectliberty.org/mailman/listinfo/sig- > wsh_lists.projectliberty.org > >> > >> ----------------------------------------------------------------------- > - > >> > >> No virus found in this incoming message. > >> Checked by AVG. Version: 7.5.524 / Virus Database: 270.4.1/1518 - > >> Release Date: 25/06/2008 9:46 AM > >> > > > > -- > > Paul Madsen e:paulmadsen @ ntt-at.com > > NTT p:613-482-0432 > > m:613-282-8647 > > aim:PaulMdsn5 > > web:connectid.blogspot.com From john.bradley at wingaa.com Wed Jun 25 11:48:53 2008 From: john.bradley at wingaa.com (John Bradley) Date: Wed, 25 Jun 2008 11:48:53 -0700 Subject: [Sig-wsh] Beginning to collect use cases In-Reply-To: References: <6D9427F3-30A5-4823-B4C1-A8FDE5DC4F3D@Sun.COM><11E86E29-8F33-4690-A5F9-973047108E6F@projectliberty.org> <48602B46.7020304@rogers.com> <1B47D24854C7BC4FA8DA28BEBB59B0BA03927DE1@orsmsx419.amr.corp.intel.com> <4862711D.5030406@rogers.com> Message-ID: If we meet in Seattle or Vancouver I am flexible:) I suspect the next time that a number of us will converge will be DIDW Sep 8- 10. As one of the XRDS spec authors I am of course grateful for Tony's support. There appears to be a couple of places that XRDS are being considered in this. 1. As a key peace of validating an openID claim. 2. As a way of doing public service discovery to find a EPR. 3. As a way for Higgins r-cards to preform service discovery in conjunction with Parity's/Higgins UDI. (http://www.parity.com/spec/udi/udi-syntax.html ) There may well be others that I am unaware of. That is one of the reasons for Andy and myself working on the use cases. At some point the XRI-TC may need to consider splitting the XRDS spec from the XRI 2.0 resolution spec. That may better reflect the needs of oAuth, openID and other projects that make use of XRDS. If people have opinions on that let me know so that they can be considered as the XRI-TC regroups for XRI 2.1 or whatever it will be called. I am curious to hear from the Microsoft people. I haven't seen them on the list yet. Regards John Bradley =jbradley On 25-Jun-08, at 10:19 AM, Anthony Nadalin wrote: > Can you give a general idea of time frame, June, July, August ? > > Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122 > > Paul Madsen ---06/25/2008 11:24:25 AM---I'll add > privacy policy to the 'wsh list' > > > From: > Paul Madsen > > To: > Anthony Nadalin/Austin/IBM at IBMUS > > Cc: > "Cahill, Conor P" , Brett McDowell >, Eve Maler , sig-wsh at lists.projectliberty.org, sig-wsh-bounces at lists.projectliberty.org > > Date: > 06/25/2008 11:24 AM > > Subject: > Re: [Sig-wsh] Beginning to collect use cases > > > > I'll add privacy policy to the 'wsh list' > > I agree with Conor that F2F time is needed. Tony, could you let us > know > your availability so we can plan accordingly (said with love) > > paul > > Anthony Nadalin wrote: > > > > It would also be nice if we could also > > > > 1. get agreement on service metadata between WS-Federation, SAML, > > ID-WSF as this would simplify deployments > > 2. see how we can get agreement on context (security, > authorization, etc) > > 3. maybe some agreement on common claims, attributes > > > > Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122 > > > > Inactive hide details for "Cahill, Conor P" ---06/25/2008 08:06:40 > > AM---Re the ID-WSF & WS-* harmonization, I wasn't aware that"Cahill, > > Conor P" ---06/25/2008 08:06:40 AM---Re the ID-WSF & WS-* > > harmonization, I wasn't aware that the scope was > > > > > > From: > > "Cahill, Conor P" > > > > To: > > "Paul Madsen" , "Brett McDowell" > > > > > > Cc: > > sig-wsh at lists.projectliberty.org, Eve Maler > > > > Date: > > 06/25/2008 08:06 AM > > > > Subject: > > Re: [Sig-wsh] Beginning to collect use cases > > > > > ------------------------------------------------------------------------ > > > > > > > > Re the ID-WSF & WS-* harmonization, I wasn't aware that the scope > was > > just to allow a WSC to obtain security tokens. I believe it is a > > broader scope of harmonizing the two specification sets. > > > > Tony through out some ideas (not that I agree with them all -- no > > surprise there :-)) and I think there are probably others. The > > kinds of tasks that I see on the map for that project include: > > > > * redefine AS in terms of WS-Trust > > * redefine SSOS in terms of WS-Trust > > * redefine IDPS in terms of WS-Trust > > * Change service metadata definition and EPR definitions to > > align with WS-Trust, WS-SecurityPolicy and WS-Policy > > * Examine ID-WSF SOAP Bindings to figure out how other > > changes need to get merged in. WS-Security and WS-A > > are already profiled. There's a couple of headers that > > we've defined that were not clearly supported in WS-* > > at the time (and my still not be). > > * Examine ID-WSF Security Mechanisms model the > > mechanisms in terms of WS-SecurityPolicy > > * Examine ID-WSF Discovery service and change to support > > the new service metadata and EPR definitions while also > > evaluating the functionality itself (I'm not convinced > > XRDS meets the needs as Tony appears to be cocnvinced of). > > * Examine other areas of ID-WSF to see what to do about > > the components that don't appear to have clear overlap > > -- notably the InteractionService and People Service as > > well as the SIS (though I think an argument could be made > > that the SIS specs are out of scope of this effort). > > > > As far as use cases, I think the standard operations that are > supported > > by Liberty should be examined as well as any new cases or > modifications > > to those cases that are of interest to the non-liberty players now > at > > the table. > > > > My $.02 is that the best way for this stuff to proceed forward is to > > start with some F2F time so that wee can talk though things with > > a whiteboard. Trying to do this via email is a royal pain > especially > > when we each bring our own experiences, preferences and interests to > > the table -- we could waste an awful lot of time sending emails past > > each other (especially if Tony's around :-)). > > > > Conor > > > > > -----Original Message----- > > > From: sig-wsh-bounces at lists.projectliberty.org [mailto:sig-wsh- > > > bounces at lists.projectliberty.org] On Behalf Of Paul Madsen > > > Sent: Monday, June 23, 2008 7:01 PM > > > To: Brett McDowell > > > Cc: sig-wsh at lists.projectliberty.org; Eve Maler > > > Subject: Re: [Sig-wsh] Beginning to collect use cases > > > > > > the connection I see between the two (somewhat seemingly > disconnected) > > > WSH focus areas is > > > > > > a) ID-WSF & WS-* harmonization implies profiling WS-Trust to > allow a > > WSC > > > to obtain security tokens > > > b) the above (may) implies separating discovery from token > issuance > > > c) separating discovery from token issuance introduces the > possibility > > > of using different discovery mechanisms, like XRDS > > > d) some of Andy/John's scenarios (we need a better descriptor) > touch > > on > > > the above application of XRDS > > > > > > paul > > > > > > Brett McDowell wrote: > > > > Thanks Eve for getting this thread started. > > > > > > > > Andy or John, are you on this email list (I think you are but > > consider > > > > this a test message to that fact)? Could you provide a little > > context > > > > around your use-case(s) and how you might expect ID-WSF and WS* > > > > harmonization to be relevant to supporting your use-case(s)? > > > > > > > > -- Brett > > > > > > > > On Jun 17, 2008, at 6:57 PM, Eve Maler wrote: > > > > > > > > > > > >> Hi, all. Looks like we've got a "wish sig"! (I'd been > hoping for > > a > > > >> name like WS-Harmony but this is good too. :-) ) > > > >> > > > >> The plan, I believe, is to schedule a telecon for July to > ensure we > > > >> an include various folks once they've returned from > vacation. So > > > >> we've got some time now to get some thoughts on the table if we > > want > > > >> to. > > > >> > > > >> John Bradley has told me it's okay for me to send out the use > case > > > >> document that Andy Dale put together a week or so ago, so I've > > > >> attached that below with his accompanying comments. It's > always > > > >> valuable to have something to work off of! I think it's a > great > > > >> start and is, in parts, quite thought-provoking. There's a > > category > > > >> of use cases not addressed here that we still need to tackle, > which > > > >> has to do with straight-ahead managed services environments in > > which > > > >> both "plain" STS's and ID-WSF services play a big part. I'm > hoping > > > >> to get the okay to send out some stuff that's been previously > > > >> written on this topic. Stay tuned. > > > >> > > > >> Eve > > > >> > > > >> ==== > > > >> Quoth Andy: > > > >> > > > >> "I always hate putting out the first document in this type of > > > >> collaboration as I have no idea what the expectations are and > just > > > >> how far off mark I might be.... However, I do it anyway and > that's > > > >> why we get things done. > > > >> > > > >> So if nothing else this doc should give us something to work > > against > > > >> and 'correct'. > > > >> > > > >> Once we have agreed upon our base set of UseCases I imagine a > bunch > > > >> of 'templates' that get completed for each possible solution. > The > > > >> template will include things like: > > > >> > > > >> - Actual user flow description based on this solution > (infoCards vs > > > >> OP redirect, etc...) > > > >> - What technology each actor would have to deploy for this > solution > > > >> and how many man days it 'might' take to do that. (including > client > > > >> side requirements for end users) > > > >> - Privacy Profile - How much data is publicly available? Does > the > > > >> user NEED a global ID? Is discovery leaking information? > > > >> - Complete Sequence diagram of interactions (including > resolution > > > >> and discovery steps). > > > >> > > > >> If there is agreement that this is a good direction then I am > happy > > > >> to work on the template and then to complete the template for > the > > > >> pure 'i-names/OpenID' implementations as those are the ones I > know > > > >> the best. > > > >> > > > >> PLEASE: if you have a better process/idea... let me know." > > > >> ==== > > > >> > > > >> > > > >> > > > >> > > > >> Eve Maler +1 425 947 > 4522 > > > >> Principal Engineer eve.maler @ > sun.com > > > >> Business Alliances group Sun Microsystems, > Inc. > > > >> _______________________________________________ > > > >> Sig-wsh mailing list > > > >> Sig-wsh at lists.projectliberty.org > > > >> http://lists.projectliberty.org/mailman/listinfo/sig- > > > wsh_lists.projectliberty.org > > > >> > > > > > > > > > > > > _______________________________________________ > > > > Sig-wsh mailing list > > > > Sig-wsh at lists.projectliberty.org > > > > http://lists.projectliberty.org/mailman/listinfo/sig- > > > wsh_lists.projectliberty.org > > > > > > > > > > > > > > > > > > -- > > > Paul Madsen e:paulmadsen @ ntt-at.com > > > NTT p:613-482-0432 > > > m:613-282-8647 > > > aim:PaulMdsn5 > > > web:connectid.blogspot.com > > > > > > > > > _______________________________________________ > > > Sig-wsh mailing list > > > Sig-wsh at lists.projectliberty.org > > > http://lists.projectliberty.org/mailman/listinfo/sig- > > > wsh_lists.projectliberty.org > > > > _______________________________________________ > > Sig-wsh mailing list > > Sig-wsh at lists.projectliberty.org > > http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org > > > > > ------------------------------------------------------------------------ > > > > No virus found in this incoming message. > > Checked by AVG. > > Version: 7.5.524 / Virus Database: 270.4.1/1518 - Release Date: > 25/06/2008 9:46 AM > > > > -- > Paul Madsen e:paulmadsen @ ntt-at.com > NTT p:613-482-0432 > m:613-282-8647 > aim:PaulMdsn5 > web:connectid.blogspot.com > > > _______________________________________________ > Sig-wsh mailing list > Sig-wsh at lists.projectliberty.org > http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.projectliberty.org/pipermail/sig-wsh_lists.projectliberty.org/attachments/20080625/59d5a911/attachment-0001.html From britta at projectliberty.org Wed Jun 25 12:01:43 2008 From: britta at projectliberty.org (Britta Glade) Date: Wed, 25 Jun 2008 12:01:43 -0700 Subject: [Sig-wsh] Beginning to collect use cases In-Reply-To: References: <6D9427F3-30A5-4823-B4C1-A8FDE5DC4F3D@Sun.COM> <11E86E29-8F33-4690-A5F9-973047108E6F@projectliberty.org> <48602B46.7020304@rogers.com> <1B47D24854C7BC4FA8DA28BEBB59B0BA03927DE1@orsmsx419.amr.corp.intel.com> <4862711D.5030406@rogers.com> Message-ID: Don Schmidt's on vacation until around July 4--I imagine he'll pipe up then. On the DIDW note, conference starts in the afternoon of Sept 8. They are doing pre-con workshop type things in the morning (but not as flexible as years past). I've been working with the organizers on some other things. I can see if we can get room for a meeting the morning of sept. 8 if folks want--just let me know. --b. On 6/25/08, John Bradley wrote: > > If we meet in Seattle or Vancouver I am flexible:) > > I suspect the next time that a number of us will converge will be DIDW Sep > 8- 10. > > > As one of the XRDS spec authors I am of course grateful for Tony's support. > > > > There appears to be a couple of places that XRDS are being considered in > this. > > > 1. As a key peace of validating an openID claim. > 2. As a way of doing public service discovery to find a EPR. > 3. As a way for Higgins r-cards to preform service discovery > in conjunction with Parity's/Higgins UDI. ( > http://www.parity.com/spec/udi/udi-syntax.html) > > > There may well be others that I am unaware of. That is one of the reasons > for Andy and myself working on the use cases. > > > At some point the XRI-TC may need to consider splitting the XRDS spec from > the XRI 2.0 resolution spec. > That may better reflect the needs of oAuth, openID and other projects that > make use of XRDS. > If people have opinions on that let me know so that they can > be considered as the XRI-TC regroups for XRI 2.1 or whatever it will be > called. > > > I am curious to hear from the Microsoft people. I haven't seen them on the > list yet. > > > Regards > John Bradley > =jbradley > > > > On 25-Jun-08, at 10:19 AM, Anthony Nadalin wrote: > > Can you give a general idea of time frame, June, July, August ? > > Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122 > > Paul Madsen ---06/25/2008 11:24:25 AM---I'll add privacy > policy to the 'wsh list' > > > From: > Paul Madsen > To: > Anthony Nadalin/Austin/IBM at IBMUS > Cc: > "Cahill, Conor P" , Brett McDowell < > brett at projectliberty.org>, Eve Maler , > sig-wsh at lists.projectliberty.org, sig-wsh-bounces at lists.projectliberty.org > > Date: > 06/25/2008 11:24 AM > Subject: > Re: [Sig-wsh] Beginning to collect use cases > ------------------------------ > > > > I'll add privacy policy to the 'wsh list' > > I agree with Conor that F2F time is needed. Tony, could you let us know > your availability so we can plan accordingly (said with love) > > paul > > Anthony Nadalin wrote: > > > > It would also be nice if we could also > > > > 1. get agreement on service metadata between WS-Federation, SAML, > > ID-WSF as this would simplify deployments > > 2. see how we can get agreement on context (security, authorization, etc) > > 3. maybe some agreement on common claims, attributes > > > > Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122 > > > > Inactive hide details for "Cahill, Conor P" ---06/25/2008 08:06:40 > > AM---Re the ID-WSF & WS-* harmonization, I wasn't aware that"Cahill, > > Conor P" ---06/25/2008 08:06:40 AM---Re the ID-WSF & WS-* > > harmonization, I wasn't aware that the scope was > > > > > > From: > > "Cahill, Conor P" > > > > To: > > "Paul Madsen" , "Brett McDowell" > > > > > > Cc: > > sig-wsh at lists.projectliberty.org, Eve Maler > > > > Date: > > 06/25/2008 08:06 AM > > > > Subject: > > Re: [Sig-wsh] Beginning to collect use cases > > > > ------------------------------------------------------------------------ > > > > > > > > Re the ID-WSF & WS-* harmonization, I wasn't aware that the scope was > > just to allow a WSC to obtain security tokens. I believe it is a > > broader scope of harmonizing the two specification sets. > > > > Tony through out some ideas (not that I agree with them all -- no > > surprise there :-)) and I think there are probably others. The > > kinds of tasks that I see on the map for that project include: > > > > * redefine AS in terms of WS-Trust > > * redefine SSOS in terms of WS-Trust > > * redefine IDPS in terms of WS-Trust > > * Change service metadata definition and EPR definitions to > > align with WS-Trust, WS-SecurityPolicy and WS-Policy > > * Examine ID-WSF SOAP Bindings to figure out how other > > changes need to get merged in. WS-Security and WS-A > > are already profiled. There's a couple of headers that > > we've defined that were not clearly supported in WS-* > > at the time (and my still not be). > > * Examine ID-WSF Security Mechanisms model the > > mechanisms in terms of WS-SecurityPolicy > > * Examine ID-WSF Discovery service and change to support > > the new service metadata and EPR definitions while also > > evaluating the functionality itself (I'm not convinced > > XRDS meets the needs as Tony appears to be cocnvinced of). > > * Examine other areas of ID-WSF to see what to do about > > the components that don't appear to have clear overlap > > -- notably the InteractionService and People Service as > > well as the SIS (though I think an argument could be made > > that the SIS specs are out of scope of this effort). > > > > As far as use cases, I think the standard operations that are supported > > by Liberty should be examined as well as any new cases or modifications > > to those cases that are of interest to the non-liberty players now at > > the table. > > > > My $.02 is that the best way for this stuff to proceed forward is to > > start with some F2F time so that wee can talk though things with > > a whiteboard. Trying to do this via email is a royal pain especially > > when we each bring our own experiences, preferences and interests to > > the table -- we could waste an awful lot of time sending emails past > > each other (especially if Tony's around :-)). > > > > Conor > > > > > -----Original Message----- > > > From: sig-wsh-bounces at lists.projectliberty.org [mailto:sig-wsh- > > > bounces at lists.projectliberty.org] On Behalf Of Paul Madsen > > > Sent: Monday, June 23, 2008 7:01 PM > > > To: Brett McDowell > > > Cc: sig-wsh at lists.projectliberty.org; Eve Maler > > > Subject: Re: [Sig-wsh] Beginning to collect use cases > > > > > > the connection I see between the two (somewhat seemingly disconnected) > > > WSH focus areas is > > > > > > a) ID-WSF & WS-* harmonization implies profiling WS-Trust to allow a > > WSC > > > to obtain security tokens > > > b) the above (may) implies separating discovery from token issuance > > > c) separating discovery from token issuance introduces the possibility > > > of using different discovery mechanisms, like XRDS > > > d) some of Andy/John's scenarios (we need a better descriptor) touch > > on > > > the above application of XRDS > > > > > > paul > > > > > > Brett McDowell wrote: > > > > Thanks Eve for getting this thread started. > > > > > > > > Andy or John, are you on this email list (I think you are but > > consider > > > > this a test message to that fact)? Could you provide a little > > context > > > > around your use-case(s) and how you might expect ID-WSF and WS* > > > > harmonization to be relevant to supporting your use-case(s)? > > > > > > > > -- Brett > > > > > > > > On Jun 17, 2008, at 6:57 PM, Eve Maler wrote: > > > > > > > > > > > >> Hi, all. Looks like we've got a "wish sig"! (I'd been hoping for > > a > > > >> name like WS-Harmony but this is good too. :-) ) > > > >> > > > >> The plan, I believe, is to schedule a telecon for July to ensure we > > > >> an include various folks once they've returned from vacation. So > > > >> we've got some time now to get some thoughts on the table if we > > want > > > >> to. > > > >> > > > >> John Bradley has told me it's okay for me to send out the use case > > > >> document that Andy Dale put together a week or so ago, so I've > > > >> attached that below with his accompanying comments. It's always > > > >> valuable to have something to work off of! I think it's a great > > > >> start and is, in parts, quite thought-provoking. There's a > > category > > > >> of use cases not addressed here that we still need to tackle, which > > > >> has to do with straight-ahead managed services environments in > > which > > > >> both "plain" STS's and ID-WSF services play a big part. I'm hoping > > > >> to get the okay to send out some stuff that's been previously > > > >> written on this topic. Stay tuned. > > > >> > > > >> Eve > > > >> > > > >> ==== > > > >> Quoth Andy: > > > >> > > > >> "I always hate putting out the first document in this type of > > > >> collaboration as I have no idea what the expectations are and just > > > >> how far off mark I might be.... However, I do it anyway and that's > > > >> why we get things done. > > > >> > > > >> So if nothing else this doc should give us something to work > > against > > > >> and 'correct'. > > > >> > > > >> Once we have agreed upon our base set of UseCases I imagine a bunch > > > >> of 'templates' that get completed for each possible solution. The > > > >> template will include things like: > > > >> > > > >> - Actual user flow description based on this solution (infoCards vs > > > >> OP redirect, etc...) > > > >> - What technology each actor would have to deploy for this solution > > > >> and how many man days it 'might' take to do that. (including client > > > >> side requirements for end users) > > > >> - Privacy Profile - How much data is publicly available? Does the > > > >> user NEED a global ID? Is discovery leaking information? > > > >> - Complete Sequence diagram of interactions (including resolution > > > >> and discovery steps). > > > >> > > > >> If there is agreement that this is a good direction then I am happy > > > >> to work on the template and then to complete the template for the > > > >> pure 'i-names/OpenID' implementations as those are the ones I know > > > >> the best. > > > >> > > > >> PLEASE: if you have a better process/idea... let me know." > > > >> ==== > > > >> > > > >> > > > >> > > > >> > > > >> Eve Maler +1 425 947 4522 > > > >> Principal Engineer eve.maler @ sun.com > > > >> Business Alliances group Sun Microsystems, Inc. > > > >> _______________________________________________ > > > >> Sig-wsh mailing list > > > >> Sig-wsh at lists.projectliberty.org > > > >> http://lists.projectliberty.org/mailman/listinfo/sig- > > > wsh_lists.projectliberty.org > > > >> > > > > > > > > > > > > _______________________________________________ > > > > Sig-wsh mailing list > > > > Sig-wsh at lists.projectliberty.org > > > > http://lists.projectliberty.org/mailman/listinfo/sig- > > > wsh_lists.projectliberty.org > > > > > > > > > > > > > > > > > > -- > > > Paul Madsen e:paulmadsen @ ntt-at.com > > > NTT p:613-482-0432 > > > m:613-282-8647 > > > aim:PaulMdsn5 > > > web:connectid.blogspot.com > > > > > > > > > _______________________________________________ > > > Sig-wsh mailing list > > > Sig-wsh at lists.projectliberty.org > > > http://lists.projectliberty.org/mailman/listinfo/sig- > > > wsh_lists.projectliberty.org > > > > _______________________________________________ > > Sig-wsh mailing list > > Sig-wsh at lists.projectliberty.org > > > http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org > > > > ------------------------------------------------------------------------ > > > > No virus found in this incoming message. > > Checked by AVG. > > Version: 7.5.524 / Virus Database: 270.4.1/1518 - Release Date: > 25/06/2008 9:46 AM > > > > -- > Paul Madsen e:paulmadsen @ ntt-at.com > NTT p:613-482-0432 > m:613-282-8647 > aim:PaulMdsn5 > web:connectid.blogspot.com > > > _______________________________________________ > Sig-wsh mailing list > Sig-wsh at lists.projectliberty.org > > http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org > > > > > _______________________________________________ > Sig-wsh mailing list > Sig-wsh at lists.projectliberty.org > > http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org > > -- Britta Glade Liberty Alliance 925-254-4233 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.projectliberty.org/pipermail/sig-wsh_lists.projectliberty.org/attachments/20080625/a9349614/attachment-0001.html From brett at projectliberty.org Wed Jun 25 12:05:16 2008 From: brett at projectliberty.org (Brett McDowell) Date: Wed, 25 Jun 2008 15:05:16 -0400 Subject: [Sig-wsh] Beginning to collect use cases In-Reply-To: References: <6D9427F3-30A5-4823-B4C1-A8FDE5DC4F3D@Sun.COM> <11E86E29-8F33-4690-A5F9-973047108E6F@projectliberty.org> <48602B46.7020304@rogers.com> <1B47D24854C7BC4FA8DA28BEBB59B0BA03927DE1@orsmsx419.amr.corp.intel.com> <4862711D.5030406@rogers.com> Message-ID: How about Seattle in August just to get things moving sooner than later. Do we have key contributors out in August? On Jun 25, 2008, at 3:01 PM, Britta Glade wrote: > Don Schmidt's on vacation until around July 4--I imagine he'll pipe > up then. > > On the DIDW note, conference starts in the afternoon of Sept 8. > They are doing pre-con workshop type things in the morning (but not > as flexible as years past). I've been working with the organizers > on some other things. I can see if we can get room for a meeting > the morning of sept. 8 if folks want--just let me know. > > --b. > > On 6/25/08, John Bradley wrote: > If we meet in Seattle or Vancouver I am flexible:) > > > I suspect the next time that a number of us will converge will be > DIDW Sep 8- 10. > > > As one of the XRDS spec authors I am of course grateful for Tony's > support. > > > There appears to be a couple of places that XRDS are being > considered in this. > > > 1. As a key peace of validating an openID claim. > 2. As a way of doing public service discovery to find a EPR. > 3. As a way for Higgins r-cards to preform service discovery in > conjunction with Parity's/Higgins UDI. (http://www.parity.com/spec/udi/udi-syntax.html > ) > > > There may well be others that I am unaware of. That is one of the > reasons for Andy and myself working on the use cases. > > > At some point the XRI-TC may need to consider splitting the XRDS > spec from the XRI 2.0 resolution spec. > That may better reflect the needs of oAuth, openID and other > projects that make use of XRDS. > If people have opinions on that let me know so that they can be > considered as the XRI-TC regroups for XRI 2.1 or whatever it will be > called. > > > I am curious to hear from the Microsoft people. I haven't seen them > on the list yet. > > > Regards > John Bradley > =jbradley > > > > On 25-Jun-08, at 10:19 AM, Anthony Nadalin wrote: > >> Can you give a general idea of time frame, June, July, August ? >> >> Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122 >> >> Paul Madsen ---06/25/2008 11:24:25 AM---I'll add >> privacy policy to the 'wsh list' >> >> >> From: >> Paul Madsen >> >> To: >> Anthony Nadalin/Austin/IBM at IBMUS >> >> Cc: >> "Cahill, Conor P" , Brett McDowell > >, Eve Maler , sig-wsh at lists.projectliberty.org, sig-wsh-bounces at lists.projectliberty.org >> >> Date: >> 06/25/2008 11:24 AM >> >> Subject: >> >> Re: [Sig-wsh] Beginning to collect use cases >> >> >> >> >> I'll add privacy policy to the 'wsh list' >> >> I agree with Conor that F2F time is needed. Tony, could you let us >> know >> your availability so we can plan accordingly (said with love) >> >> paul >> >> Anthony Nadalin wrote: >> > >> > It would also be nice if we could also >> > >> > 1. get agreement on service metadata between WS-Federation, SAML, >> > ID-WSF as this would simplify deployments >> > 2. see how we can get agreement on context (security, >> authorization, etc) >> > 3. maybe some agreement on common claims, attributes >> > >> > Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122 >> > >> > Inactive hide details for "Cahill, Conor P" ---06/25/2008 08:06:40 >> > AM---Re the ID-WSF & WS-* harmonization, I wasn't aware >> that"Cahill, >> > Conor P" ---06/25/2008 08:06:40 AM---Re the ID-WSF & WS-* >> > harmonization, I wasn't aware that the scope was >> > >> > >> > From: >> > "Cahill, Conor P" >> > >> > To: >> > "Paul Madsen" , "Brett McDowell" >> > >> > >> > Cc: >> > sig-wsh at lists.projectliberty.org, Eve Maler >> > >> > Date: >> > 06/25/2008 08:06 AM >> > >> > Subject: >> > Re: [Sig-wsh] Beginning to collect use cases >> > >> > >> ------------------------------------------------------------------------ >> > >> > >> > >> > Re the ID-WSF & WS-* harmonization, I wasn't aware that the scope >> was >> > just to allow a WSC to obtain security tokens. I believe it is a >> > broader scope of harmonizing the two specification sets. >> > >> > Tony through out some ideas (not that I agree with them all -- no >> > surprise there :-)) and I think there are probably others. The >> > kinds of tasks that I see on the map for that project include: >> > >> > * redefine AS in terms of WS-Trust >> > * redefine SSOS in terms of WS-Trust >> > * redefine IDPS in terms of WS-Trust >> > * Change service metadata definition and EPR definitions to >> > align with WS-Trust, WS-SecurityPolicy and WS-Policy >> > * Examine ID-WSF SOAP Bindings to figure out how other >> > changes need to get merged in. WS-Security and WS-A >> > are already profiled. There's a couple of headers that >> > we've defined that were not clearly supported in WS-* >> > at the time (and my still not be). >> > * Examine ID-WSF Security Mechanisms model the >> > mechanisms in terms of WS-SecurityPolicy >> > * Examine ID-WSF Discovery service and change to support >> > the new service metadata and EPR definitions while also >> > evaluating the functionality itself (I'm not convinced >> > XRDS meets the needs as Tony appears to be cocnvinced of). >> > * Examine other areas of ID-WSF to see what to do about >> > the components that don't appear to have clear overlap >> > -- notably the InteractionService and People Service as >> > well as the SIS (though I think an argument could be made >> > that the SIS specs are out of scope of this effort). >> > >> > As far as use cases, I think the standard operations that are >> supported >> > by Liberty should be examined as well as any new cases or >> modifications >> > to those cases that are of interest to the non-liberty players >> now at >> > the table. >> > >> > My $.02 is that the best way for this stuff to proceed forward is >> to >> > start with some F2F time so that wee can talk though things with >> > a whiteboard. Trying to do this via email is a royal pain >> especially >> > when we each bring our own experiences, preferences and interests >> to >> > the table -- we could waste an awful lot of time sending emails >> past >> > each other (especially if Tony's around :-)). >> > >> > Conor >> > >> > > -----Original Message----- >> > > From: sig-wsh-bounces at lists.projectliberty.org [mailto:sig-wsh- >> > > bounces at lists.projectliberty.org] On Behalf Of Paul Madsen >> > > Sent: Monday, June 23, 2008 7:01 PM >> > > To: Brett McDowell >> > > Cc: sig-wsh at lists.projectliberty.org; Eve Maler >> > > Subject: Re: [Sig-wsh] Beginning to collect use cases >> > > >> > > the connection I see between the two (somewhat seemingly >> disconnected) >> > > WSH focus areas is >> > > >> > > a) ID-WSF & WS-* harmonization implies profiling WS-Trust to >> allow a >> > WSC >> > > to obtain security tokens >> > > b) the above (may) implies separating discovery from token >> issuance >> > > c) separating discovery from token issuance introduces the >> possibility >> > > of using different discovery mechanisms, like XRDS >> > > d) some of Andy/John's scenarios (we need a better descriptor) >> touch >> > on >> > > the above application of XRDS >> > > >> > > paul >> > > >> > > Brett McDowell wrote: >> > > > Thanks Eve for getting this thread started. >> > > > >> > > > Andy or John, are you on this email list (I think you are but >> > consider >> > > > this a test message to that fact)? Could you provide a little >> > context >> > > > around your use-case(s) and how you might expect ID-WSF and WS* >> > > > harmonization to be relevant to supporting your use-case(s)? >> > > > >> > > > -- Brett >> > > > >> > > > On Jun 17, 2008, at 6:57 PM, Eve Maler wrote: >> > > > >> > > > >> > > >> Hi, all. Looks like we've got a "wish sig"! (I'd been >> hoping for >> > a >> > > >> name like WS-Harmony but this is good too. :-) ) >> > > >> >> > > >> The plan, I believe, is to schedule a telecon for July to >> ensure we >> > > >> an include various folks once they've returned from >> vacation. So >> > > >> we've got some time now to get some thoughts on the table if >> we >> > want >> > > >> to. >> > > >> >> > > >> John Bradley has told me it's okay for me to send out the >> use case >> > > >> document that Andy Dale put together a week or so ago, so I've >> > > >> attached that below with his accompanying comments. It's >> always >> > > >> valuable to have something to work off of! I think it's a >> great >> > > >> start and is, in parts, quite thought-provoking. There's a >> > category >> > > >> of use cases not addressed here that we still need to >> tackle, which >> > > >> has to do with straight-ahead managed services environments in >> > which >> > > >> both "plain" STS's and ID-WSF services play a big part. I'm >> hoping >> > > >> to get the okay to send out some stuff that's been previously >> > > >> written on this topic. Stay tuned. >> > > >> >> > > >> Eve >> > > >> >> > > >> ==== >> > > >> Quoth Andy: >> > > >> >> > > >> "I always hate putting out the first document in this type of >> > > >> collaboration as I have no idea what the expectations are >> and just >> > > >> how far off mark I might be.... However, I do it anyway and >> that's >> > > >> why we get things done. >> > > >> >> > > >> So if nothing else this doc should give us something to work >> > against >> > > >> and 'correct'. >> > > >> >> > > >> Once we have agreed upon our base set of UseCases I imagine >> a bunch >> > > >> of 'templates' that get completed for each possible >> solution. The >> > > >> template will include things like: >> > > >> >> > > >> - Actual user flow description based on this solution >> (infoCards vs >> > > >> OP redirect, etc...) >> > > >> - What technology each actor would have to deploy for this >> solution >> > > >> and how many man days it 'might' take to do that. (including >> client >> > > >> side requirements for end users) >> > > >> - Privacy Profile - How much data is publicly available? >> Does the >> > > >> user NEED a global ID? Is discovery leaking information? >> > > >> - Complete Sequence diagram of interactions (including >> resolution >> > > >> and discovery steps). >> > > >> >> > > >> If there is agreement that this is a good direction then I >> am happy >> > > >> to work on the template and then to complete the template >> for the >> > > >> pure 'i-names/OpenID' implementations as those are the ones >> I know >> > > >> the best. >> > > >> >> > > >> PLEASE: if you have a better process/idea... let me know." >> > > >> ==== >> > > >> >> > > >> >> > > >> >> > > >> >> > > >> Eve Maler +1 425 947 >> 4522 >> > > >> Principal Engineer eve.maler @ >> sun.com >> > > >> Business Alliances group Sun >> Microsystems, Inc. >> > > >> _______________________________________________ >> > > >> Sig-wsh mailing list >> > > >> Sig-wsh at lists.projectliberty.org >> > > >> http://lists.projectliberty.org/mailman/listinfo/sig- >> > > wsh_lists.projectliberty.org >> > > >> >> > > > >> > > > >> > > > _______________________________________________ >> > > > Sig-wsh mailing list >> > > > Sig-wsh at lists.projectliberty.org >> > > > http://lists.projectliberty.org/mailman/listinfo/sig- >> > > wsh_lists.projectliberty.org >> > > > >> > > > >> > > > >> > > >> > > -- >> > > Paul Madsen e:paulmadsen @ ntt-at.com >> > > NTT p:613-482-0432 >> > > m:613-282-8647 >> > > aim:PaulMdsn5 >> > > web:connectid.blogspot.com >> > > >> > > >> > > _______________________________________________ >> > > Sig-wsh mailing list >> > > Sig-wsh at lists.projectliberty.org >> > > http://lists.projectliberty.org/mailman/listinfo/sig- >> > > wsh_lists.projectliberty.org >> > >> > _______________________________________________ >> > Sig-wsh mailing list >> > Sig-wsh at lists.projectliberty.org >> > http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org >> > >> > >> ------------------------------------------------------------------------ >> > >> > No virus found in this incoming message. >> > Checked by AVG. >> > Version: 7.5.524 / Virus Database: 270.4.1/1518 - Release Date: >> 25/06/2008 9:46 AM >> > >> >> -- >> Paul Madsen e:paulmadsen @ ntt-at.com >> NTT p:613-482-0432 >> m:613-282-8647 >> aim:PaulMdsn5 >> web:connectid.blogspot.com >> >> >> _______________________________________________ >> Sig-wsh mailing list >> Sig-wsh at lists.projectliberty.org >> http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org > > > > _______________________________________________ > Sig-wsh mailing list > Sig-wsh at lists.projectliberty.org > http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org > > > > > -- > Britta Glade > Liberty Alliance > 925-254-4233 > _______________________________________________ > Sig-wsh mailing list > Sig-wsh at lists.projectliberty.org > http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.projectliberty.org/pipermail/sig-wsh_lists.projectliberty.org/attachments/20080625/9d081f0f/attachment-0001.html From john.bradley at wingaa.com Wed Jun 25 13:06:21 2008 From: john.bradley at wingaa.com (John Bradley) Date: Wed, 25 Jun 2008 13:06:21 -0700 Subject: [Sig-wsh] Beginning to collect use cases In-Reply-To: References: <6D9427F3-30A5-4823-B4C1-A8FDE5DC4F3D@Sun.COM> <11E86E29-8F33-4690-A5F9-973047108E6F@projectliberty.org> <48602B46.7020304@rogers.com> <1B47D24854C7BC4FA8DA28BEBB59B0BA03927DE1@orsmsx419.amr.corp.intel.com> <4862711D.5030406@rogers.com> Message-ID: <8AC09361-19F1-48FA-B186-C4DFB8E81721@wingaa.com> August in Seattle/Redmond works for me. =jbradley On 25-Jun-08, at 12:05 PM, Brett McDowell wrote: > How about Seattle in August just to get things moving sooner than > later. Do we have key contributors out in August? > > On Jun 25, 2008, at 3:01 PM, Britta Glade wrote: > >> Don Schmidt's on vacation until around July 4--I imagine he'll pipe >> up then. >> >> On the DIDW note, conference starts in the afternoon of Sept 8. >> They are doing pre-con workshop type things in the morning (but not >> as flexible as years past). I've been working with the organizers >> on some other things. I can see if we can get room for a meeting >> the morning of sept. 8 if folks want--just let me know. >> >> --b. >> >> On 6/25/08, John Bradley wrote: >> If we meet in Seattle or Vancouver I am flexible:) >> >> >> I suspect the next time that a number of us will converge will be >> DIDW Sep 8- 10. >> >> >> As one of the XRDS spec authors I am of course grateful for Tony's >> support. >> >> >> There appears to be a couple of places that XRDS are being >> considered in this. >> >> >> 1. As a key peace of validating an openID claim. >> 2. As a way of doing public service discovery to find a EPR. >> 3. As a way for Higgins r-cards to preform service discovery in >> conjunction with Parity's/Higgins UDI. (http://www.parity.com/spec/udi/udi-syntax.html >> ) >> >> >> There may well be others that I am unaware of. That is one of the >> reasons for Andy and myself working on the use cases. >> >> >> At some point the XRI-TC may need to consider splitting the XRDS >> spec from the XRI 2.0 resolution spec. >> That may better reflect the needs of oAuth, openID and other >> projects that make use of XRDS. >> If people have opinions on that let me know so that they can be >> considered as the XRI-TC regroups for XRI 2.1 or whatever it will >> be called. >> >> >> I am curious to hear from the Microsoft people. I haven't seen >> them on the list yet. >> >> >> Regards >> John Bradley >> =jbradley >> >> >> >> On 25-Jun-08, at 10:19 AM, Anthony Nadalin wrote: >> >>> Can you give a general idea of time frame, June, July, August ? >>> >>> Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122 >>> >>> Paul Madsen ---06/25/2008 11:24:25 AM---I'll add >>> privacy policy to the 'wsh list' >>> >>> >>> From: >>> Paul Madsen >>> >>> To: >>> Anthony Nadalin/Austin/IBM at IBMUS >>> >>> Cc: >>> "Cahill, Conor P" , Brett McDowell >> >, Eve Maler , sig- >>> wsh at lists.projectliberty.org, sig-wsh-bounces at lists.projectliberty.org >>> >>> Date: >>> 06/25/2008 11:24 AM >>> >>> Subject: >>> >>> Re: [Sig-wsh] Beginning to collect use cases >>> >>> >>> >>> >>> I'll add privacy policy to the 'wsh list' >>> >>> I agree with Conor that F2F time is needed. Tony, could you let >>> us know >>> your availability so we can plan accordingly (said with love) >>> >>> paul >>> >>> Anthony Nadalin wrote: >>> > >>> > It would also be nice if we could also >>> > >>> > 1. get agreement on service metadata between WS-Federation, SAML, >>> > ID-WSF as this would simplify deployments >>> > 2. see how we can get agreement on context (security, >>> authorization, etc) >>> > 3. maybe some agreement on common claims, attributes >>> > >>> > Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122 >>> > >>> > Inactive hide details for "Cahill, Conor P" ---06/25/2008 08:06:40 >>> > AM---Re the ID-WSF & WS-* harmonization, I wasn't aware >>> that"Cahill, >>> > Conor P" ---06/25/2008 08:06:40 AM---Re the ID-WSF & WS-* >>> > harmonization, I wasn't aware that the scope was >>> > >>> > >>> > From: >>> > "Cahill, Conor P" >>> > >>> > To: >>> > "Paul Madsen" , "Brett McDowell" >>> > >>> > >>> > Cc: >>> > sig-wsh at lists.projectliberty.org, Eve Maler >>> > >>> > Date: >>> > 06/25/2008 08:06 AM >>> > >>> > Subject: >>> > Re: [Sig-wsh] Beginning to collect use cases >>> > >>> > >>> ------------------------------------------------------------------------ >>> > >>> > >>> > >>> > Re the ID-WSF & WS-* harmonization, I wasn't aware that the >>> scope was >>> > just to allow a WSC to obtain security tokens. I believe it is a >>> > broader scope of harmonizing the two specification sets. >>> > >>> > Tony through out some ideas (not that I agree with them all -- no >>> > surprise there :-)) and I think there are probably others. The >>> > kinds of tasks that I see on the map for that project include: >>> > >>> > * redefine AS in terms of WS-Trust >>> > * redefine SSOS in terms of WS-Trust >>> > * redefine IDPS in terms of WS-Trust >>> > * Change service metadata definition and EPR definitions to >>> > align with WS-Trust, WS-SecurityPolicy and WS-Policy >>> > * Examine ID-WSF SOAP Bindings to figure out how other >>> > changes need to get merged in. WS-Security and WS-A >>> > are already profiled. There's a couple of headers that >>> > we've defined that were not clearly supported in WS-* >>> > at the time (and my still not be). >>> > * Examine ID-WSF Security Mechanisms model the >>> > mechanisms in terms of WS-SecurityPolicy >>> > * Examine ID-WSF Discovery service and change to support >>> > the new service metadata and EPR definitions while also >>> > evaluating the functionality itself (I'm not convinced >>> > XRDS meets the needs as Tony appears to be cocnvinced of). >>> > * Examine other areas of ID-WSF to see what to do about >>> > the components that don't appear to have clear overlap >>> > -- notably the InteractionService and People Service as >>> > well as the SIS (though I think an argument could be made >>> > that the SIS specs are out of scope of this effort). >>> > >>> > As far as use cases, I think the standard operations that are >>> supported >>> > by Liberty should be examined as well as any new cases or >>> modifications >>> > to those cases that are of interest to the non-liberty players >>> now at >>> > the table. >>> > >>> > My $.02 is that the best way for this stuff to proceed forward >>> is to >>> > start with some F2F time so that wee can talk though things with >>> > a whiteboard. Trying to do this via email is a royal pain >>> especially >>> > when we each bring our own experiences, preferences and >>> interests to >>> > the table -- we could waste an awful lot of time sending emails >>> past >>> > each other (especially if Tony's around :-)). >>> > >>> > Conor >>> > >>> > > -----Original Message----- >>> > > From: sig-wsh-bounces at lists.projectliberty.org [mailto:sig-wsh- >>> > > bounces at lists.projectliberty.org] On Behalf Of Paul Madsen >>> > > Sent: Monday, June 23, 2008 7:01 PM >>> > > To: Brett McDowell >>> > > Cc: sig-wsh at lists.projectliberty.org; Eve Maler >>> > > Subject: Re: [Sig-wsh] Beginning to collect use cases >>> > > >>> > > the connection I see between the two (somewhat seemingly >>> disconnected) >>> > > WSH focus areas is >>> > > >>> > > a) ID-WSF & WS-* harmonization implies profiling WS-Trust to >>> allow a >>> > WSC >>> > > to obtain security tokens >>> > > b) the above (may) implies separating discovery from token >>> issuance >>> > > c) separating discovery from token issuance introduces the >>> possibility >>> > > of using different discovery mechanisms, like XRDS >>> > > d) some of Andy/John's scenarios (we need a better descriptor) >>> touch >>> > on >>> > > the above application of XRDS >>> > > >>> > > paul >>> > > >>> > > Brett McDowell wrote: >>> > > > Thanks Eve for getting this thread started. >>> > > > >>> > > > Andy or John, are you on this email list (I think you are but >>> > consider >>> > > > this a test message to that fact)? Could you provide a little >>> > context >>> > > > around your use-case(s) and how you might expect ID-WSF and >>> WS* >>> > > > harmonization to be relevant to supporting your use-case(s)? >>> > > > >>> > > > -- Brett >>> > > > >>> > > > On Jun 17, 2008, at 6:57 PM, Eve Maler wrote: >>> > > > >>> > > > >>> > > >> Hi, all. Looks like we've got a "wish sig"! (I'd been >>> hoping for >>> > a >>> > > >> name like WS-Harmony but this is good too. :-) ) >>> > > >> >>> > > >> The plan, I believe, is to schedule a telecon for July to >>> ensure we >>> > > >> an include various folks once they've returned from >>> vacation. So >>> > > >> we've got some time now to get some thoughts on the table >>> if we >>> > want >>> > > >> to. >>> > > >> >>> > > >> John Bradley has told me it's okay for me to send out the >>> use case >>> > > >> document that Andy Dale put together a week or so ago, so >>> I've >>> > > >> attached that below with his accompanying comments. It's >>> always >>> > > >> valuable to have something to work off of! I think it's a >>> great >>> > > >> start and is, in parts, quite thought-provoking. There's a >>> > category >>> > > >> of use cases not addressed here that we still need to >>> tackle, which >>> > > >> has to do with straight-ahead managed services environments >>> in >>> > which >>> > > >> both "plain" STS's and ID-WSF services play a big part. >>> I'm hoping >>> > > >> to get the okay to send out some stuff that's been previously >>> > > >> written on this topic. Stay tuned. >>> > > >> >>> > > >> Eve >>> > > >> >>> > > >> ==== >>> > > >> Quoth Andy: >>> > > >> >>> > > >> "I always hate putting out the first document in this type of >>> > > >> collaboration as I have no idea what the expectations are >>> and just >>> > > >> how far off mark I might be.... However, I do it anyway and >>> that's >>> > > >> why we get things done. >>> > > >> >>> > > >> So if nothing else this doc should give us something to work >>> > against >>> > > >> and 'correct'. >>> > > >> >>> > > >> Once we have agreed upon our base set of UseCases I imagine >>> a bunch >>> > > >> of 'templates' that get completed for each possible >>> solution. The >>> > > >> template will include things like: >>> > > >> >>> > > >> - Actual user flow description based on this solution >>> (infoCards vs >>> > > >> OP redirect, etc...) >>> > > >> - What technology each actor would have to deploy for this >>> solution >>> > > >> and how many man days it 'might' take to do that. >>> (including client >>> > > >> side requirements for end users) >>> > > >> - Privacy Profile - How much data is publicly available? >>> Does the >>> > > >> user NEED a global ID? Is discovery leaking information? >>> > > >> - Complete Sequence diagram of interactions (including >>> resolution >>> > > >> and discovery steps). >>> > > >> >>> > > >> If there is agreement that this is a good direction then I >>> am happy >>> > > >> to work on the template and then to complete the template >>> for the >>> > > >> pure 'i-names/OpenID' implementations as those are the ones >>> I know >>> > > >> the best. >>> > > >> >>> > > >> PLEASE: if you have a better process/idea... let me know." >>> > > >> ==== >>> > > >> >>> > > >> >>> > > >> >>> > > >> >>> > > >> Eve Maler +1 425 >>> 947 4522 >>> > > >> Principal Engineer eve.maler @ >>> sun.com >>> > > >> Business Alliances group Sun >>> Microsystems, Inc. >>> > > >> _______________________________________________ >>> > > >> Sig-wsh mailing list >>> > > >> Sig-wsh at lists.projectliberty.org >>> > > >> http://lists.projectliberty.org/mailman/listinfo/sig- >>> > > wsh_lists.projectliberty.org >>> > > >> >>> > > > >>> > > > >>> > > > _______________________________________________ >>> > > > Sig-wsh mailing list >>> > > > Sig-wsh at lists.projectliberty.org >>> > > > http://lists.projectliberty.org/mailman/listinfo/sig- >>> > > wsh_lists.projectliberty.org >>> > > > >>> > > > >>> > > > >>> > > >>> > > -- >>> > > Paul Madsen e:paulmadsen @ ntt-at.com >>> > > NTT p:613-482-0432 >>> > > m:613-282-8647 >>> > > aim:PaulMdsn5 >>> > > web:connectid.blogspot.com >>> > > >>> > > >>> > > _______________________________________________ >>> > > Sig-wsh mailing list >>> > > Sig-wsh at lists.projectliberty.org >>> > > http://lists.projectliberty.org/mailman/listinfo/sig- >>> > > wsh_lists.projectliberty.org >>> > >>> > _______________________________________________ >>> > Sig-wsh mailing list >>> > Sig-wsh at lists.projectliberty.org >>> > http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org >>> > >>> > >>> ------------------------------------------------------------------------ >>> > >>> > No virus found in this incoming message. >>> > Checked by AVG. >>> > Version: 7.5.524 / Virus Database: 270.4.1/1518 - Release Date: >>> 25/06/2008 9:46 AM >>> > >>> >>> -- >>> Paul Madsen e:paulmadsen @ ntt-at.com >>> NTT p:613-482-0432 >>> m:613-282-8647 >>> aim:PaulMdsn5 >>> web:connectid.blogspot.com >>> >>> >>> _______________________________________________ >>> Sig-wsh mailing list >>> Sig-wsh at lists.projectliberty.org >>> http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org >> >> >> >> _______________________________________________ >> Sig-wsh mailing list >> Sig-wsh at lists.projectliberty.org >> http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org >> >> >> >> >> -- >> Britta Glade >> Liberty Alliance >> 925-254-4233 >> _______________________________________________ >> Sig-wsh mailing list >> Sig-wsh at lists.projectliberty.org >> http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org > > _______________________________________________ > Sig-wsh mailing list > Sig-wsh at lists.projectliberty.org > http://lists.projectliberty.org/mailman/listinfo/sig-wsh_lists.projectliberty.org -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.projectliberty.org/pipermail/sig-wsh_lists.projectliberty.org/attachments/20080625/3695cea3/attachment-0001.html