[WG-FI] Implementation profile: errata or V2.1?
0 views
Skip to first unread message
Wessel, Keith
Nov 22, 2019, 4:52:37 PM11/22/19
to Kantara FI-WG
Hi, all,
Colin kindly pointed us a few weeks back to Kantara's "process" for handling errata to Kantara-approved works as well as a wiki page to post the errata we had for the implementation profile. As a refresher:
In the SAML 2.0 implementation profile, IIP-ALG06 states:
The following DigestMethod algorithms SHOULD be supported for both of the above key transport algorithms for backward compatibility.
*http://www.w3.org/2000/09/xmldsig#sha1
This requirement should be corrected to read:
The following DigestMethod algorithms MUST be supported for both of the above key transport algorithms for backward compatibility.
*http://www.w3.org/2000/09/xmldsig#sha1
I was talking with Nick just now, getting ready to post this as errata, when he suggested that we might want to rethink this. It's not likely that many are using the implementation profile, and this is definitely a minor change. Question is this: do we go ahead and post this as errata, giving folks another layer of abstraction to keep track of in understanding the profile? Or do we make this change now and start the process to approve V2.1 of the implementation profile?
I've started the process for LC approval of the deployemtn profile and don't want to muddy the waters, but as I said, this is a very small change, and it would be cleaner to just try and get it published as an updated version of the profile now.
This is contrary to what we discussed on the call a few weeks back, but I thought I'd trow it out. What do others think?
Keith
_______________________________________________
WG-FI mailing list
WG...@kantarainitiative.org
https://kantarainitiative.org/mailman/listinfo/wg-fi
Colin kindly pointed us a few weeks back to Kantara's "process" for handling errata to Kantara-approved works as well as a wiki page to post the errata we had for the implementation profile. As a refresher:
In the SAML 2.0 implementation profile, IIP-ALG06 states:
The following DigestMethod algorithms SHOULD be supported for both of the above key transport algorithms for backward compatibility.
*http://www.w3.org/2000/09/xmldsig#sha1
This requirement should be corrected to read:
The following DigestMethod algorithms MUST be supported for both of the above key transport algorithms for backward compatibility.
*http://www.w3.org/2000/09/xmldsig#sha1
I was talking with Nick just now, getting ready to post this as errata, when he suggested that we might want to rethink this. It's not likely that many are using the implementation profile, and this is definitely a minor change. Question is this: do we go ahead and post this as errata, giving folks another layer of abstraction to keep track of in understanding the profile? Or do we make this change now and start the process to approve V2.1 of the implementation profile?
I've started the process for LC approval of the deployemtn profile and don't want to muddy the waters, but as I said, this is a very small change, and it would be cleaner to just try and get it published as an updated version of the profile now.
This is contrary to what we discussed on the call a few weeks back, but I thought I'd trow it out. What do others think?
Keith
_______________________________________________
WG-FI mailing list
WG...@kantarainitiative.org
https://kantarainitiative.org/mailman/listinfo/wg-fi
Colin Wallis Kantara
Nov 24, 2019, 8:32:29 AM11/24/19
to Nick Roy, Kantara FI-WG
Indeed, and if it is a non-substantial change it would not require an All Member re-ballot IIRC the Operating Procedures.
Walter Forbes Hoehn, Jr. (wassa)
Nov 26, 2019, 10:01:35 AM11/26/19
to Wessel, Keith, Kantara FI-WG
I have a slight preference for just rev'ing the document to 1.1, but I could go either way. The process isn't that arduous.
-WFH
-WFH
Wessel, Keith
Dec 2, 2019, 10:51:29 AM12/2/19
to Kantara FI-WG
All,
I've heard no votes for publishing this as errata and several options for just updating the document to V1.1 or 2.0.
We've got a meeting on the calendar for this Wednesday. Do we want to meet and discuss this, or can we reach a consensus on the list?
Keith
I've heard no votes for publishing this as errata and several options for just updating the document to V1.1 or 2.0.
We've got a meeting on the calendar for this Wednesday. Do we want to meet and discuss this, or can we reach a consensus on the list?
Keith
Nick Roy
Dec 2, 2019, 11:23:03 AM12/2/19
to Wessel, Keith, Kantara FI-WG
We could meet this week, or do something ad-hoc next week at TechEx. I’d be fine with either, but I think we probably need to discuss. I don’t think this change is large enough to warrant a 2.0 version number, but likely a 1.1.
Best,
Nick
Best,
Nick
Walter Forbes Hoehn, Jr. (wassa)
Dec 2, 2019, 2:17:48 PM12/2/19
to Nick Roy, Kantara FI-WG
Agreed.
-WFH
> On Dec 2, 2019, at 10:22 AM, Nick Roy <nr...@internet2.edu> wrote:
>
> I don’t think this change is large enough to warrant a 2.0 version number, but likely a 1.1.
-WFH
> On Dec 2, 2019, at 10:22 AM, Nick Roy <nr...@internet2.edu> wrote:
>
> I don’t think this change is large enough to warrant a 2.0 version number, but likely a 1.1.
Judith Elaine Bush
Dec 2, 2019, 3:23:07 PM12/2/19
to Walter Forbes Hoehn, Jr. (wassa), Kantara FI-WG
I support version 1.1
Walter Forbes Hoehn, Jr. (wassa) wrote on 12/2/19 14:17:
Reply all
Reply to author
Forward
0 new messages