Prepare a new draft if needed and submit it with draft-ietf-oauth- prefix. One of the chairs will need to approve it and it will be published. I think we have wide consensus for this and this was already proposed a long time ago with no objections.
EHL > -----Original Message----- > From: Brian Campbell [mailto:bcampb...@pingidentity.com] > Sent: Tuesday, December 14, 2010 10:18 AM > To: Eran Hammer-Lahav > Cc: Torsten Lodderstedt; oauth > Subject: Re: [OAUTH-WG] Fwd: New Version Notification for draft-campbell- > oauth-saml-01 > > I don't have any objection to it and think it's probably cleaner. > > Previously I'd informally asked that the SAML profile be considered a WG > item and I don't think there was any objection. What needs to be done to > make that happen? > > If you/we take this approach, what else will you need from me? > > On Tue, Dec 14, 2010 at 9:23 AM, Eran Hammer-Lahav > <e...@hueniverse.com> wrote: > > Torsten made a good argument that now that we combined assertions and > extensions into a single mechanism, it does not make sense to make the > 'assertion' parameter required, and that some extensions will be confusing > with such a parameter name. In addition, the recent document split > demoted this specification from 'core' to 'framework' which is more friendly > to extensions and companion specifications. > > > > I would suggest we drop the assertion parameter from the spec, but add a > directly reference to the SAML assertion specification and give an example > showing the parameter. This will remove the normative language (which > really doesn't belong there - something I've long maintained), but will keep > the SAML assertion option on equal ground (directly demonstrated in the > spec). After all, you can't implement assertions just by reading the > framework spec, you still need the SAML work. > > > > This will require moving the SAML into a WG item (not a must but best) > which I am supportive of and would like to see happen quickly (in a few > days). > > > > Thoughts? > > > > EHL > > > >> -----Original Message----- > >> From: Brian Campbell [mailto:bcampb...@pingidentity.com] > >> Sent: Tuesday, December 14, 2010 8:11 AM > >> To: Torsten Lodderstedt > >> Cc: Eran Hammer-Lahav; oauth > >> Subject: Re: [OAUTH-WG] Fwd: New Version Notification for > >> draft-campbell- > >> oauth-saml-01 > >> > >> Future revisions of this SAML draft will build off whatever > >> assertion/extension mechanism is provided by the core framework spec. > >> However, some compelling reasons were previously given for keeping > >> the 'assertion' (one thread on the topic: > >> http://www.ietf.org/mail-archive/web/oauth/current/msg04401.html) > >> parameter in core. Has the thinking on that changed? > >> > >> On Tue, Dec 14, 2010 at 9:05 AM, Torsten Lodderstedt > >> <tors...@lodderstedt.net> wrote: > >> > +1 > >> > > >> > > >> > > >> > Am 14.12.2010 um 04:19 schrieb Eran Hammer-Lahav > >> <e...@hueniverse.com>: > >> > > >> >> I think the 'assertion' parameter should be moved into this draft > >> >> and > >> defined there. This will also facilitate its proper definition and > >> status (required, singular, etc.). > >> >> > >> >> EHL > >> >> > > _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
