incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Krishna Sankar" <ksan...@cisco.com>
Subject RE: Revised OpenSAML proposal
Date Sun, 09 Feb 2003 21:12:02 GMT
Dims,

	Sorry for the delay in responding - am still traveling.

	As the role of JSR 155 spec lead, I applaud and support this
effort. The JSR155 team would work with the proposed initiative. We also
plan to seek more synergies like RI et al in the near future.

cheers 

> -----Original Message-----
> From: Davanum Srinivas [mailto:dims@yahoo.com] 
> Sent: Thursday, January 30, 2003 9:21 AM
> To: general@incubator.apache.org
> Cc: Krishna Sankar; Sandeep Kumar
> Subject: Re: Revised OpenSAML proposal
> 
> 
> CC'ing Sandeep and Krishna - the co-leads for JSR 155. 
> 
> Thanks,
> dims
> 
> --- Scott Cantor <cantor.2@osu.edu> wrote:
> > A revised proposal with the references to WS-Sec removed by 
> general consent of the parties
> > involved.
> > 
> > --- Scott
> > 
> > --- 
> > 
> > Proposal for OpenSAML, A Web Services Subproject (via Incubator)
> > 
> > 28 January 2003,
> > Davanum Srinivas (dims@yahoo.com), Scott Cantor (cantor.2@osu.edu)
> > 
> > (0) rationale
> > 
> > To support SAML (Security Assertion Markup Language), 
> OpenSAML was developed by Internet2 as
> > part of the Shibboleth project
> > (http://shibboleth.internet2.edu/). The project is 
> currently hosted and managed by Internet2 at
> > http://www.opensaml.org. Both a Java
> > and C++ library are being provided and maintained, with a 
> goal of feature parity and API
> > commonality between them.
> > 
> > There is also a JSR 155 - Web Services Security Assertions
> > (http://www.jcp.org/en/jsr/detail?id=155) in progress that 
> will (in their
> > words) define a set of APIs, exchange patterns and 
> implementation to securely (integrity and
> > confidentiality) exchange assertions
> > between web services based on OASIS SAML. We could 
> implement this JSR over OpenSAML, either
> > instead of or in addition to the
> > existing API. This is analagous to the migration in Xerces 
> to JAXP when it became appropriate.
> > 
> > The ws.apache.org PMC expressed a great deal of interest in 
> the work in order to ramp up their
> > activities quickly, and appears to be
> > eager to contribute to the success of the subproject.
> > 
> > (0.1) criteria
> > 
> > Meritocracy: Design decisions have been made in 
> consultation with the Shibboleth development
> > team.
> > 
> > Community: Aside from Shibboleth, a growing community of 
> developers, mostly from higher ed, have
> > been playing with the code in their
> > projects.
> > 
> > Core Developers: Primary author is Scott Cantor, with 
> assistance from the Shibboleth development
> > team, and a few other
> > contributions, some from Apache contributors.
> > 
> > Alignment: Uses Xerces and Xalan (J and C), xml-security, 
> generally looks to Apache projects
> > before turning elsewhere, due to
> > compatibility of licensing terms and code quality and support.
> > 
> > Scope: SAML and functionality to simplify the use of SAML 
> in areas of interest. 
> > 
> > (0.2) warning signs
> > 
> > Orphaned products: Shibboleth has some momentum, and sundry 
> research projects exist that have
> > looked at OpenSAML as a possible
> > starting point.
> > 
> > Inexperience: The primary author has been coding the system 
> for about 14 months, and has 5+
> > years experience on web security
> > software, primarily in C and C++. Most of that code has 
> been made publically available and has
> > been shared explicitly with other
> > institutions. Other Shibboleth developers have contributed 
> Unix systems programming, project
> > organization, and Java experience to
> > the project, and they have open source experience as well.
> > 
> > Homogeneous Developers: Primarily one developer to this 
> point, though suggestions from other
> > developers have influenced design.
> > Project expected to support layered functionality 
> contributed by other interested parties once
> > core API stablity is reached. IRC has
> > been used extensively to discuss issues.
> > 
> > Reliance on Salaried Developers: Shibboleth is funded by 
> Internet2 at the present time, and most
> > of the development has been
> > contract work, but the entire source base has been open 
> source from the beginning.
> > 
> > No ties to other Apache Products: Extensive reliance on XML 
> and Jakarta projects, should make
> > use of and serve the forthcoming WS
> > projects.
> > 
> > Fascination with Apache Brand: Would like to foster 
> interest in and use of SAML, attract a
> > stable of developers, extend work into
> > web services, possibly explore implications of SAML and 
> Shibboleth models for SSO and identity
> > federation within other Apache
> > projects.
> > 
> > (1) scope of the subproject
> > 
> > The purpose of this subproject is to create and maintain an 
> implementation of the SAML standard,
> > as defined by the OASIS SSTC, via
> > libraries that support the messages, bindings, and profiles 
> in the standard. This might
> > eventually include reference implementations
> > of SAML authorities for testing or development use (or more 
> if there's interest). This
> > subproject might include an implementation of
> > the JSR-155 yet-to-be-published API for SAML in Java.
> > 
> > (2) identify the initial source from which the subproject 
> is to be populated 
> > 
> > http://www.opensaml.org
> > 
> > (3) identify the ASF resources to be created 
> > 
> > (3.1) mailing list(s) 
> > opensaml-user 
> > opensaml-dev 
> > 
> > 
> > (3.2) CVS repositories 
> > ws-opensaml (currently there is a cvs at cvs.internet2.edu)
> > 
> > (3.3) Bugzilla 
> > 
> > (currently, there is a bugzilla at bugzilla.internet2.edu)
> > 
> > (4) identify the initial set of committers 
> > 
> > Scott Cantor (cantor.2@osu.edu)
> > 
> > Walter Hoehn (wassa@columbia.edu)
> > 
> > Derek Atkins (warlord@mit.edu)
> > 
> > Christian Geuer-Pollmann (geuer-pollmann@nue.et-inf.uni-siegen.de)
> > 
> > Mark Wilcox (mark.wilcox@webct.com)
> > 
> > (5) identify apache sponsoring individual 
> > 
> > Davanum Srinivas (dims@yahoo.com)
> > 
> > (6) open issues for discussion
> > 
> > Are there IPR-related concerns with SAML (patents held by 
> RSA but offered royalty free)?
> > 
> > 
> > 
> ---------------------------------------------------------------------
> > To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> > For additional commands, e-mail: general-help@incubator.apache.org
> > 
> 
> 
> =====
> Davanum Srinivas - http://webservices.apache.org/~dims/
> 
> __________________________________________________
> Do you Yahoo!?
> Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
> http://mailplus.yahoo.com
> 


Mime
View raw message