3 Future Work

• Elaborate more compliance categories

References

[TAS3BIZ]

Sampo Kellomäki, ed.: "TAS3 Business Model", TAS3 Consortium, 2009. Document: draft-sampo-tas3-biz-model-2009-v03.pdf

[TAS3THREAT]

Sampo Kellomäki, ed.: "TAS3 Threat Analysis", TAS3 Consortium, 2009. Document: tas3-threats-vXX.pdf

[TAS3ARCH]

Sampo Kellomäki, ed.: "TAS3 Architecture", TAS3 Consortium, 2009. Document: tas3-arch-vXX.pdf

[TAS3PROTO]

Sampo Kellomäki, ed.: "TAS3 Protocols and Concrete Architecture", TAS3 Consortium, 2009. Document: tas3-proto-vXX.pdf

[TAS3COMPLIANCE]

Sampo Kellomäki, ed.: "TAS3 Compliance Requirements", TAS3 Consortium, 2009. Document: tas3-compliance-vXX.pdf

[TAS3GLOS]

Sampo Kellomäki, ed.: "TAS3 Gloassary", TAS3 Consortium, 2009. Document: tas3-glossary-vXX.pdf

[TAS3CONSOAGMT]

"TAS3 Consortium Agreement", TAS3 Consortium, 2008. (Not publicly available.)

[IAF]

Russ Cutler, ed.: "Identity Assurance Framework", Liberty Alliance, 2007. File: liberty-identity-assurance-framework-v1.0.pdf (from http://projectliberty.org/liberty/resource\_center/papers)

[IGF]

"An Overview of the Identity Governance Framework", Liberty Alliance, 2007. File: overview-id-governance-framework-v1.0.pdf (from http://projectliberty.org/liberty/resource\_center/papers)

[LibertyLegal]

Victoria Sheckler, ed.: "Contractual Framework Outline for Circles of Trust", Liberty Alliance, 2007. File: Liberty Legal Frameworks.pdf (from http://projectliberty.org/liberty/resource\_center/papers)

[SAML11core]

SAML 1.1 Core, OASIS, 2003

[SAML11bind]

"Bindings and Profiles for the OASIS Security Assertion Markup Language (SAML) V1.1", Oasis Standard, 2.9.2003, oasis-sstc-saml-bindings-1.1

[IDFF12]

http://www.projectliberty.org/resources/specifications.php

[IDFF12meta]

Peted Davis, Ed., "Liberty Metadata Description and Discovery Specification", version 1.1, Liberty Alliance Project, 2004. (liberty-metadata-v1.1.pdf)

[SAML2core]

"Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0", Oasis Standard, 15.3.2005, saml-core-2.0-os

[SAML2prof]

"Profiles for the OASIS Security Assertion Markup Language (SAML) V2.0", Oasis Standard, 15.3.2005, saml-profiles-2.0-os

[SAML2bind]

"Bindings for the OASIS Security Assertion Markup Language (SAML) V2.0", Oasis Standard, 15.3.2005, saml-bindings-2.0-os

[SAML2context]

"Authentication Context for the OASIS Security Assertion Markup Language (SAML) V2.0", Oasis Standard, 15.3.2005, saml-authn-context-2.0-os

[SAML2meta]

Cantor, Moreh, Phipott, Maler, eds., "Metadata for the OASIS Security Assertion Markup Language (SAML) V2.0", Oasis Standard, 15.3.2005, saml-metadata-2.0-os

[SAML2security]

"Security and Privacy Considerations for the OASIS Security Assertion Markup Language (SAML) V2.0", Oasis Standard, 15.3.2005, saml-sec-consider-2.0-os

[SAML2conf]

"Conformance Requirements for the OASIS Security Assertion Markup Language (SAML) V2.0", Oasis Standard, 15.3.2005, saml-conformance-2.0-os

[SAML2glossary]

"Glossary for the OASIS Security Assertion Markup Language (SAML) V2.0", Oasis Standard, 15.3.2005, saml-glossary-2.0-os

[XML-C14N]

XML Canonicalization (non-exclusive), http://www.w3.org/TR/2001/REC-xml-c14n-20010315; J. Boyer: "Canonical XML Version 1.0", W3C Recommendation, 15.3.2001, http://www.w3.org/TR/xml-c14n, RFC3076

[XML-EXC-C14N]

Exclusive XML Canonicalization, http://www.w3.org/TR/xml-exc-c14n/

[Shibboleth]

http://shibboleth.internet2.edu/shibboleth-documents.html

[XMLENC]

"XML Encryption Syntax and Processing", W3C Recommendation, 10.12.2002, http://www.w3.org/TR/xmlenc-core

[XMLDSIG]

"XML-Signature Syntax and Processing", W3C Recommendation, 12.2.2002, http://www.w3.org/TR/xmldsig-core, RFC3275

[Disco2]

Liberty ID-WSF Discovery service 2.0

[Disco12]

Liberty ID-WSF Discovery service 1.1 (liberty-idwsf-disco-svc-v1.2.pdf)

[SecMech2]

Liberty ID-WSF 2.0 Security Mechanisms

[SOAPAuthn2]

Liberty ID-WSF 2.0 Authentication Service

[SOAPBinding2]

Liberty ID-WSF 2.0 framework document that pulls together all aspects

[DST21]

Liberty Data Services Template 2.1

[DST20]

Liberty DST v2.0

[DST11]

Liberty DST v1.1

[IDDAP]

Liberty Identity based Directory Access Protocol

[IDPP]

Liberty Personal Profile specification.

[Interact11]

Liberty ID-WSF Interaction Service protocol 1.1

[FF12]

Liberty ID Federation Framework 1.2, Protocols and Schemas

[SUBS2]

Liberty Subscriptions and Notifications specification

[Schema1-2]

Henry S. Thompson et al. (eds): XML Schema Part 1: Structures, 2nd Ed., WSC Recommendation, 28. Oct. 2004, http://www.w3.org/2002/XMLSchema

[XML]

http://www.w3.org/TR/REC-xml

[RFC1950]

P. Deutcsh, J-L. Gailly: "ZLIB Compressed Data Format Specification version 3.3", Aladdin Enterprises, Info-ZIP, May 1996

[RFC1951]

P. Deutcsh: "DEFLATE Compressed Data Format Specification version 1.3", Aladdin Enterprises, May 1996

[RFC1952]

P. Deutcsh: "GZIP file format specification version 4.3", Aladdin Enterprises, May 1996

[RFC2246]

TLSv1

[RFC2251]

LDAP

[RFC3548]

S. Josefsson, ed.: "The Base16, Base32, and Base64 Data Encodings", July 2003. (Section 4 describes Safebase64)

[RFC2119]

S. Bradner, ed.: "Key words for use in RFCs to Indicate Requirement Levels", Harvard University, 1997.

[MS-MWBF]

Microsoft Web Browser Federated Sign-On Protocol Specification, 20080207, http://msdn2.microsoft.com/en-us/library/cc236471.aspx

Document ID

draft-tas3-compliance-v05.pdf

Repository path

repo.tas3.eu:/var/lib/tas3repo/arch/tas3-compliance.pd (1.20)

      export CVSROOT=:ext:repo.tas3.eu:/var/lib/tas3repo
      cvs co arch
      cd arch
      # modify tas3-*.pd
      cvs ci -m 'What changed...'

URL path

https://portal.tas3.eu/arch/review/tas3-compliance-v05.pdf

Commenting

~

• Please comment on the TAS3WP02@LISTSERV.CC.KULEUVEN.AC.BE mailing list, or that failing, send your comments to the editor.

• Any footnotes in this document will not appear in final version. They are editorial comments that may help reviewers to put material in context.