OASIS Service Provisioning Markup Language (SPML) V2 - SAML 2.0 Profile

OASIS Service Provisioning Markup Language (SPML) V2 - SAML 2.0 Profile

<p> 1</p><p>1</p><p>2OASIS Service Provisioning Markup 3Language (SPML) v2 - SAML 2.0 4Profile</p><p>5OASIS Standard 62006 April 1</p><p>7Document identifier: pstc-spml2-saml-profile-os.pdf 8Location: http://www.oasis-open.org/committees/provision/docs/ 9Send comments to: [email protected] 10Editor: 11 Jeff Bohren, BMC ([email protected])</p><p>13Contributors: 14 Richard Sand, Tripod Technology Group 15 Blaine Busler, Tripod Technology Group 16 Robert Boucher, CA 17 Doron Cohen, BMC 18 Gary Cole, Sun Microsystems 19 Cal Collingham, CA 20 Rami Elron, BMC 21 Marco Fanti, Thor Technologies 22 Ian Glazer, IBM 23 James Hu, HP 24 Ron Jacobsen, CA 25 Jeff Larson, Sun Microsystems 26 Hal Lockhart, BEA 27 Prateek Mishra, Oracle Corporation 28 Martin Raepple, SAP 29 Darran Rolls, Sun Microsystems 30 Kent Spaulding, Sun Microsystems 31 Gavenraj Sodhi, CA 32 Cory Williams, IBM 33 Gerry Woods, SOA Software 34</p><p>20c759f64cb623dcecd6ce45eff772a26.doc 7/17/2006 3Copyright © OASIS Open 2006. All Rights Reserved. Page 1 of 15 35Abstract:</p><p>36 This specification defines usage of SAML 2.0 as a data model (profile) for SPML v2. 37Status:</p><p>38 This is an OASIS Standard document produced by the Provisioning Services Technical 39 Committee. It was approved by the OASIS membership on 1 April 2006.</p><p>40 If you are on the provision list for committee members, send comments there. If you are not 41 on that list, subscribe to the [email protected] list and send 42 comments there. To subscribe, send an email message to provision-comment- 43 [email protected] with the word "subscribe" as the body of the message. 44Copyright (C) OASIS Open 2006. All Rights Reserved.</p><p>40c759f64cb623dcecd6ce45eff772a26.doc 7/17/2006 5Copyright © OASIS Open 2006. All Rights Reserved. Page 2 of 15 45Table of contents 461. Introduction (non-normative) 4 47 1.1. Concepts 4 48 1.1.1. SAML Protocol 4 49 1.1.2. Schema 4 50 1.2. Terminology 4 512. Notation 4 523. Overview (non-normative) 5 53 3.1. SAML PSOs 5 54 3.1.1. PSO Identifier 6 55 3.1.2. PSO Data 6 56 3.2. Schema 6 57 3.3. Core Operations 6 58 3.3.1. Add Request 6 59 3.3.2. Add Response 7 60 3.3.3. Modify Request 7 61 3.3.4. Modify Response 8 62 3.3.5. Delete Request 8 63 3.3.6. Lookup Request 8 64 3.3.7. Lookup Response 8 65 3.4. Search Operations 8 66 3.4.1. Search Request 9 67 3.4.2. Search Response 9 684. Specification (Normative) 10 69 4.1. Namespaces 10 70 4.2. Core Capability 10 71 4.2.1. Element <spml:data> 10 72 4.2.2. Element <spml:modification> 10 73 4.2.3. Element <spml:schema> 10 74 4.2.4. Element <supportedSchemaEntity> 10 75 4.3. Search Capability 11 76 4.3.1. Element <spmlsearch:query> 11 77 4.4. SAML Profile Schema 11 78 4.4.1. Element <spmlSAML:schema> 11 79 4.4.2. Element <spmlSAML:objectClassDefinition> 11 80 4.4.3. Element <spmlSAML:attributeDefinition> 11</p><p>60c759f64cb623dcecd6ce45eff772a26.doc 7/17/2006 7Copyright © OASIS Open 2006. All Rights Reserved. Page 3 of 15 81Appendix A. References 12 82Appendix B. Acknowledgments 14 83Appendix C. Notices 15 84</p><p>851. Introduction (non-normative)</p><p>86 1.1. Concepts</p><p>87SPML Version 2 (SPMLv2) defines a core protocol [SPMLv2] over which different data models can 88be used to define the actual provisioning data. The combination of a data model with the SPML 89core specification is referred to as a profile. The use of SPML requires that a specific profile is used, 90although the choice of which profile is used to negatioted out-of-band by the participating parties. 91This document describes the use of the SAML protocol as a data model for SPML based 92provisioning. This profile is optional.</p><p>93 1.1.1. SAML Protocol 94The SAML 2.0 protocol [SAMLv2???] defines the syntax and processing semantics of 95assertions made about a subject by a system entity. ***Say some more here??</p><p>96 1.2. Terminology</p><p>97Within this document: 98- The term “requestor” always refers to a Requesting Authority (RA). 99- The term “provider” always refers to a Provisioning Service Provider (PSP). 100- The term “target” always refers to a Provisioning Service Target (PST). 101- The term “object” (unless otherwise qualified) refers to a Provisioning Service Object (PSO). 102- The term “client” (unless otherwise qualified) refers to a Requesting Authority (RA). 103- The term “server” (unless otherwise qualified) refers to a Provisioning Service Provider (PSP). </p><p>1042. Notation</p><p>105This specification contains schema conforming to W3C XML Schema and normative text to 106describe the syntax and semantics of XML-encoded policy statements. 107The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", 108"SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this specification are to be 109interpreted as described in IETF RFC 2119 [RFC2119] 110 "they MUST only be used where it is actually required for interoperation or to limit 111 behavior which has potential for causing harm (e.g., limiting retransmissions)" 112These keywords are thus capitalized when used to unambiguously specify requirements over 113protocol and application features and behavior that affect the interoperability and security of 114implementations. When these words are not capitalized, they are meant in their natural-language 115sense. 116This specification uses the following typographical conventions in text:</p><p>80c759f64cb623dcecd6ce45eff772a26.doc 7/17/2006 9Copyright © OASIS Open 2006. All Rights Reserved. Page 4 of 15 Format Description Indicates attributeName monospace font The name of an XML attribute. with first letter lower- cased SPMLElementName monospace font The name of an XML element with first letter capitalized that is defined as part of SPMLv2. ns:ForeignElementName monospace font The name of an XML element with namespace prefix that is defined by another specification.</p><p><SPMLElement> monospace font An instance of an XML element surrounded by <> that is defined as part of SPMLv2.</p><p><ns:ForeignElement> monospace font An instance of an XML element with namespace prefix that is defined by another specification. surrounded by <></p><p>117Terms in italic bold-face are intended to have the meaning defined in the Glossary.</p><p>118Listings of SPML schemas appear like this.</p><p>119 120Example code listings appear like this. 121Conventional XML namespace prefixes are used throughout the listings in this specification to 122stand for their respective namespaces as follows, whether or not a namespace declaration is 123present in the example: 124- The prefix saml: stands for the SAML assertion namespace [SAML]. 125- The prefix ds: stands for the W3C XML Signature namespace [DS]. 126- The prefix xsd: stands for the W3C XML Schema namespace [XS].</p><p>1273. Overview (non-normative)</p><p>128 3.1. SAML PSOs</p><p>129A PSO is represented in this binding by an SAML Attribute Assertion that is associated with a 130target-unique SAML identifier. 131The SAML Attribute Assertions are used to provide identity and attribute data for a Provisioning 132Service Object. The PSO is equivalent to a SAML Subject in this regard.</p><p>133 3.1.1. PSO Identifier</p><p>134The PSO Identifier may be one of several types of SAML NameID identifiers. However, not every 135identifier specified in SAML is allowed as an identifier for a PSO. The following SAML name 136identifiers are allowed: 137  Unspecified</p><p>138 URI: urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified 139 The interpretation of the content of the element is left to individual implementations.</p><p>100c759f64cb623dcecd6ce45eff772a26.doc 7/17/2006 11Copyright © OASIS Open 2006. All Rights Reserved. Page 5 of 15 140 141  E-Mail address 142 URI: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress 143 144 Indicates that the content of the element is in the form of an email address, specifically 145 "addr-spec" as defined in IETF RFC 2822 [RFC 2822] Section 3.4.1. An addr-spec has the 146 form local-part@domain. Note that an addr-spec has no phrase (such as a common name) 147 before it, has no comment (text surrounded in parentheses) after it, and is not surrounded 148 by "<" and ">". 149 150  X509 Subject Name 151 URI: urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName 152 153 Indicates that the content of the element is in the form specified for the contents of the 154 <ds:X509SubjectName> element in the XML Signature Recommendation [XMLSig]. 155 Implementors should note that the XML Signature specification specifies encoding rules for 156 X.509 subject names that differ from the rules given in IETF RFC 2253 [RFC 2253]. 157 158  WindowsDomainQualifiedname 159 URI: urn:oasis:names:tc:SAML:1.1:nameid- 160 format:WindowsDomainQualifiedName 161 162 Indicates that the content of the element is a Windows domain qualified name. A Windows 163 domain qualified user name is a string of the form "DomainName\UserName". The domain 164 name and "\" separator MAY be omitted. 165  Kerberos 166 URI: urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos 167 168 Indicates that the content of the element is in the form of a Kerberos principal name using 169 the format name[/instance]@REALM. The syntax, format and characters allowed for the 170 name, instance, and realm are described in IETF RFC 1510 [RFC 1510]. 171 172Below is an example of a psoID using a SAML X509 NameIdentifier. 173<spml:pso xmlns:spml="urn:oasis:names:tc:SPML:2:0"> 174 <spml:psoID targetID="acme.com"> 175 <saml:NameIdentifier>cn=John Doe,dc=acme,dc=com</saml:NameIdentifier> 176 </spml:psoID> 177</spml:pso></p><p>178 3.1.2. PSO Data</p><p>179The PSO Data element contains SAML Attribute Assertions, as defined in [SAML]. Additional data 180may be included via the Open Content Model. 181<spml:pso xmlns:spml="urn:oasis:names:tc:SPML:2:0" > 182 <spml:data> 183 <saml:Attribute AttributeName="Email"> 184 <saml:AttributeValue>[email protected]</saml:AttributeValue> 185 </saml:Attribute> 186 </spml:data> 187</spml:pso></p><p>120c759f64cb623dcecd6ce45eff772a26.doc 7/17/2006 13Copyright © OASIS Open 2006. All Rights Reserved. Page 6 of 15 188 3.2. Schema</p><p>189***how to handle schema with SAML?</p><p>190 3.3. Core Operations</p><p>191 3.3.1. Add Request</p><p>192The Add Request creates PSOs. The Add Request must contain a <data> element that contains 193SAML 2.0 <Attribute> elements that define the new PSO. The Add Request may also pass a PSO 194Identifier (<psoID> element), a container PSO ID (<containerID> element), or a target ID 195(<targetID> element). If a PSO identifier is not defined in the Add Request, the new PSO Identifier 196must be returned in the Add Response. 197<spml:addRequest xmlns:spml="urn:oasis:names:tc:SPML:2:0"> 198 <spml:containerID ID="OU=accounting,DC=acme.com" targetID="acme.com "/> 199 <spml:data> 200 <saml:Attribute AttributeName="FirstName"> 201 <saml:AttributeValue>John</saml:AttributeValue> 202 </saml:Attribute> 203 <saml:Attribute AttributeName="LastName"> 204 <saml:AttributeValue>Doe</saml:AttributeValue> 205 </saml:Attribute> 206 <saml:Attribute AttributeName="Email"> 207 <saml:AttributeValue>[email protected]</saml:AttributeValue> 208 </saml:Attribute> 209 </spml:data> 210</spml:addRequest></p><p>211 3.3.2. Add Response</p><p>212The Add Response message will contain the new PSO ID (unless it was specified in the Add 213Request). If the creation of the new PSO resulted in attributes being adding or modified in the new 214PSO, the entire PSO Data should be returned in the response. 215<spml:addResponse status="spml:success" xmlns:spml="urn:oasis:names:tc:SPML:2:0"> 216 <spml:psoID targetID="acme.com"> 217 <saml:NameIdentifier>cn=John Doe,dc=acme,dc=com</saml:NameIdentifier> 218 </spml:psoID> 219 <spml:data> 220 <saml:Attribute AttributeName="FirstName"> 221 <saml:AttributeValue>John</saml:AttributeValue> 222 </saml:Attribute> 223 <saml:Attribute AttributeName="LastName"> 224 <saml:AttributeValue>Doe</saml:AttributeValue> 225 </saml:Attribute> 226 <saml:Attribute AttributeName="Email"> 227 <saml:AttributeValue>[email protected]</saml:AttributeValue> 228 </saml:Attribute> 229 <saml:Attribute AttributeName="FullName"> 230 <saml:AttributeValue>John Doe</saml:AttributeValue> 231 </saml:Attribute> 232 <saml:Attribute AttributeName="LogonID"> 233 <saml:AttributeValue>jdoe</saml:AttributeValue> 234 </saml:Attribute> 235 </spml:data> 236</spml:addResponse></p><p>140c759f64cb623dcecd6ce45eff772a26.doc 7/17/2006 15Copyright © OASIS Open 2006. All Rights Reserved. Page 7 of 15 237 3.3.3. Modify Request</p><p>238The Modify Request modifies the specified PSO. The Modify Request must always contain the PSO 239Identifier. ??Modify will always replace *all* existing values for the specified attribute? If a MVA, can 240we specify the original value so we only replace 1? Is this beyond the score here?? 241<spml:modifyRequest xmlns:spml="urn:oasis:names:tc:SPML:2:0"> 242 <spml:psoID targetID="acme.com"> 243 <saml:NameIdentifier>cn=John Doe,dc=acme,dc=com</saml:NameIdentifier> 244 </spml:psoID> 245 <spml:modification> 246 <saml:Attribute AttributeName="FirstName"> 247 <saml:AttributeValue>Jane</saml:AttributeValue> 248 </saml:Attribute> 249 </spml:modification> 250</spml:modifyRequest ></p><p>251 3.3.4. Modify Response</p><p>252If the Modify Request causes the PSO ID to change, then the Modify Response must contain the 253new PSO ID. 254<spml:modifyResponse status="spml:success" 255xmlns:spml="urn:oasis:names:tc:SPML:2:0"> 256 <spml:psoID targetID="acme.com"> 257 <saml:NameIdentifier>cn=Jane Doe,dc=acme,dc=com</saml:NameIdentifier> 258 </spml:psoID> 259</spml:modifyResponse></p><p>260 3.3.5. Delete Request</p><p>261The Delete Request deletes a specified PSO. 262<spml:deleteRequest xmlns:spml="urn:oasis:names:tc:SPML:2:0"> 263 <spml:psoID targetID="acme.com"> 264 <saml:NameIdentifier>cn=John Doe,dc=acme,dc=com</saml:NameIdentifier> 265 </spml:psoID> 266</spml:deleteRequest></p><p>267</p><p>268 3.3.6. Lookup Request</p><p>269The Lookup Request is used to retrieve the data for a specified PSO. 270<spml:lookupRequest xmlns:spml="urn:oasis:names:tc:SPML:2:0"> 271 <spml:psoID targetID="acme.com"> 272 <saml:NameIdentifier>cn=John Doe,dc=acme,dc=com</saml:NameIdentifier> 273 </spml:psoID> 274</spml:lookupRequest></p><p>275 3.3.7. Lookup Response</p><p>276The Lookup Response contains the retrieved PSO data. 277<spml:lookupResponse status="spml:success" 278xmlns:spml="urn:oasis:names:tc:SPML:2:0"> 279 <spml:psoID targetID="acme.com"></p><p>160c759f64cb623dcecd6ce45eff772a26.doc 7/17/2006 17Copyright © OASIS Open 2006. All Rights Reserved. Page 8 of 15 280 <saml:NameIdentifier>cn=John Doe,dc=acme,dc=com</saml:NameIdentifier> 281 </spml:psoID> 282 <spml:data> 283 <saml:Attribute AttributeName="FirstName"> 284 <saml:AttributeValue>John</saml:AttributeValue> 285 </saml:Attribute> 286 <saml:Attribute AttributeName="LastName"> 287 <saml:AttributeValue>Doe</saml:AttributeValue> 288 </saml:Attribute> 289 <saml:Attribute AttributeName="Email"> 290 <saml:AttributeValue>[email protected]</saml:AttributeValue> 291 </saml:Attribute> 292 <saml:Attribute AttributeName="FullName"> 293 <saml:AttributeValue>John Doe</saml:AttributeValue> 294 </saml:Attribute> 295 <saml:Attribute AttributeName="LogonID"> 296 <saml:AttributeValue>jdoe</saml:AttributeValue> 297 </saml:Attribute> 298 </spml:data> 299</spml:lookupResponse></p><p>300 3.4. Search Operations</p><p>301If the Search Capability is supported, the SAML search filters and attribute declarations should be 302used to scope the results of the search.</p><p>303 3.4.1. Search Request</p><p>304The search request can specify SAML filters and attribute declarations. 305***How to handle search base “basePSOID”? What filter mechanism to use? DSML was specifically 306applicable here.. ?? 307<spmlsearch:searchRequest xmlns:spml="urn:oasis:names:tc:SPML:2:0" 308xmlns:spmlsearch="urn:oasis:names:tc:SPML:2:0:search"> 309 <spmlsearch:query scope = "spmlsearch:oneLevel"> 310*** example: firstname = John, get email 311 </spmlsearch:query> 312</spmlsearch:searchRequest></p><p>313</p><p>314 3.4.2. Search Response</p><p>315 316<spmlsearch:searchResponse status="spml:success" 317xmlns:spml="urn:oasis:names:tc:SPML:2:0" 318xmlns:spmlsearch="urn:oasis:names:tc:SPML:2:0:search"> 319 <spml:pso> 320 <spml:psoID targetID="acme.com"> 321 <saml:NameIdentifier>cn=John Doe,dc=acme,dc=com</saml:NameIdentifier> 322 </spml:psoID> 323 <spml:data> 324 <saml:Attribute AttributeName="Email"> 325 <saml:AttributeValue>[email protected]</saml:AttributeValue> 326 </saml:Attribute> 327 </spml:data> 328 </spml:pso></p><p>180c759f64cb623dcecd6ce45eff772a26.doc 7/17/2006 19Copyright © OASIS Open 2006. All Rights Reserved. Page 9 of 15 329 <spml:pso> 330 <spml:psoID targetID="acme.com"> 331 <saml:NameIdentifier>cn=John Smith,dc=acme,dc=com</saml:NameIdentifier> 332 </spml:psoID> 333 <spml:data> 334 <saml:Attribute AttributeName="Email"> 335 <saml:AttributeValue>[email protected]</saml:AttributeValue> 336 </saml:Attribute> 337 </spml:data> 338 </spml:pso> 339</spmlsearch:searchResponse></p><p>3404. Specification (Normative)</p><p>341 4.1. Namespaces</p><p>342The SAMLv2 Profile uses the SAML 2.0 namespace which is defined as: 343 urn:oasis:names:tc:SAML:2.0 344The specification uses the prefix SAML: to refer to this namespace. 345The SAMLv2 Profile defines some elements that are specific to the profile. The namespace for the 346profile itself is defined as: 347 urn:oasis:names:tc:SPML:2:0:SAML 348The specification uses the prefix spmlSAML: to refer to this namespace.</p><p>349 4.2. Core Capability</p><p>350 4.2.1. Element <spml:data> </p><p>351The <spml:data> element MUST contain zero or many <SAML: Attribute > elements.</p><p>352 4.2.2. Element <spml:modification></p><p>353The <spml:modification> element MUST contain zero or many <SAML: Attribute > elements. The 354“modificationType” on the <spml:modification> MUST be specified.</p><p>355 4.2.3. Element <spml:schema></p><p>356***</p><p>357 4.2.4. Element <supportedSchemaEntity></p><p>358The “entityName” attribute on the <spml:supportedSchemaEntity> element MUST refer only to 359object classes defined in the referenced schema. All attributes on the referenced object classes are 360assumed to be supported. ***How this applies will depend on how we handle object classes in 361SAML??</p><p>200c759f64cb623dcecd6ce45eff772a26.doc 7/17/2006 21Copyright © OASIS Open 2006. All Rights Reserved. Page 10 of 15 362 4.3. Search Capability</p><p>363 4.3.1. Element <spmlsearch:query></p><p>364***</p><p>365 4.4. SAML Profile Schema</p><p>366***</p><p>220c759f64cb623dcecd6ce45eff772a26.doc 7/17/2006 23Copyright © OASIS Open 2006. All Rights Reserved. Page 11 of 15 367Appendix A. References</p><p>368 369 [AES] National Institute of Standards and Technology (NIST), FIPS-197: 370 Advanced Encryption Standard, 371 http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf, National 372 Institute of Standards and Technology (NIST) 373 [ARCHIVE-1] OASIS Provisioning Services Technical Committee, email archive, 374 http://www.oasis- 375 open.org/apps/org/workgroup/provision/email/archives/index.html, 376 OASIS PS-TC 377 [DS] IETF/W3C, W3C XML Signatures, http://www.w3.org/Signature/, 378 W3C/IETF 379 [GLOSSARY] OASIS Provisioning Services TC, Glossary of Terms, http://www.oasis- 380 open.org/apps/org/workgroup/provision/download.php, OASIS PS-TC 381 [RFC 2119] S. Bradner., Key words for use in RFCs to Indicate Requirement Levels, 382 http://www.ietf.org/rfc/rfc2119.txt, IETF 383 [RFC 2246] T. Dierks and C. Allen, The TLS Protocol, 384 http://www.ietf.org/rfc/rfc2246.txt, IETF 385 [SAML] OASIS Security Services TC, http://www.oasis- 386 open.org/committees/tc_home.php?wg_abbrev=security, OASIS SS- 387 TC 388 [SOAP] W3C XML Protocol Working Group, http://www.w3.org/2000/xp/Group/ 389 [SPML-Bind] OASIS Provisioning Services TC, SPML V1.0 Protocol Bindings, 390 http://www.oasis- 391 open.org/apps/org/workgroup/provision/download.php/1816/draft- 392 pstc-bindings-03.doc, OASIS PS-TC 393 [SPML-REQ] OASIS Provisioning Services Technical Committee, Requirements, 394 http://www.oasis- 395 open.org/apps/org/workgroup/provision/download.php/2277/draft- 396 pstc-requirements-01.doc, OASIS PS-TC 397 [SPML-UC] OASIS Provisioning Services Technical Committee, SPML V1.0 Use 398 Cases, http://www.oasis- 399 open.org/apps/org/workgroup/provision/download.php/988/drfat- 400 spml-use-cases-05.doc, OASIS PS-TC 401 [SPMLv2-Profile-SAML] OASIS Provisioning Services Technical Committee, SPMLv2 402 SAMLv2 Profile, OASIS PS-TC 403 [SPMLv2-Profile-XSD] OASIS Provisioning Services Technical Committee, SPML V2 404 XSD Profile, OASIS PS-TC 405 [SPMLv2-REQ] OASIS Provisioning Services Technical Committee, Requirements, OASIS 406 PS-TC 407 [SPMLv2-ASYNC] OASIS Provisioning Services Technical Committee, XML Schema 408 Definitions for Async Capability of SPMLv2, OASIS PS-TC</p><p>240c759f64cb623dcecd6ce45eff772a26.doc 7/17/2006 25Copyright © OASIS Open 2006. All Rights Reserved. Page 12 of 15 409 [SPMLv2-BATCH] OASIS Provisioning Services Technical Committee, XML Schema 410 Definitions for Batch Capability of SPMLv2, OASIS PS-TC 411 [SPMLv2-BULK] OASIS Provisioning Services Technical Committee, XML Schema 412 Definitions for Bulk Capability of SPMLv2, OASIS PS-TC 413 [SPMLv2-CORE] OASIS Provisioning Services Technical Committee, XML Schema 414 Definitions for Core Operations of SPMLv2, OASIS PS-TC 415 [SPMLv2-PASS] OASIS Provisioning Services Technical Committee, XML Schema 416 Definitions for Password Capability of SPMLv2, OASIS PS-TC 417 [SPMLv2-REF] OASIS Provisioning Services Technical Committee, XML Schema 418 Definitions for Reference Capability of SPMLv2, OASIS PS-TC 419 [SPMLv2-SEARCH] OASIS Provisioning Services Technical Committee, XML Schema 420 Definitions for Search Capability of SPMLv2, OASIS PS-TC 421 [SPMLv2-SUSPEND] OASIS Provisioning Services Technical Committee, XML Schema 422 Definitions for Suspend Capability of SPMLv2, OASIS PS-TC 423 [SPMLv2-UPDATES] OASIS Provisioning Services Technical Committee, XML Schema 424 Definitions for Updates Capability of SPMLv2, OASIS PS-TC 425 [SPMLv2-UC] OASIS Provisioning Services Technical Committee., SPML V2.0 Use 426 Cases, OASIS PS-TC 427 [WSS] OASIS Web Services Security (WSS) TC, http://www.oasis- 428 open.org/committees/tc_home.php?wg_abbrev=wss, OASIS SS-TC 429 [X509] RFC 2459 - Internet X.509 Public Key Infrastructure Certificate and CRL 430 Profile, http://www.ietf.org/rfc/rfc2459.txt 431 [XSD] W3C Schema WG ., W3C XML Schema, 432 http://www.w3.org/TR/xmlschema-1/ W3C 433 434 435</p><p>260c759f64cb623dcecd6ce45eff772a26.doc 7/17/2006 27Copyright © OASIS Open 2006. All Rights Reserved. Page 13 of 15 436Appendix B. Acknowledgments</p><p>437The following individuals were voting members of the Provisioning Services committee at the time 438that this version of the specification was issued: 439 Richard Sand, Tripod Technology Group 440 Jeff Bohren, BMC 441 Robert Boucher, CA 442 Gary Cole, Sun Microsystems 443 Rami Elron, BMC 444 Marco Fanti, Thor Technologies 445 James Hu, HP 446 Martin Raepple, SAP 447 Gavenraj Sodhi, CA 448 Kent Spaulding, Sun Microsystems 449</p><p>280c759f64cb623dcecd6ce45eff772a26.doc 7/17/2006 29Copyright © OASIS Open 2006. All Rights Reserved. Page 14 of 15 450Appendix C. Notices</p><p>451OASIS takes no position regarding the validity or scope of any intellectual property or other rights 452that might be claimed to pertain to the implementation or use of the technology described in this 453document or the extent to which any license under such rights might or might not be available; 454neither does it represent that it has made any effort to identify any such rights. Information on 455OASIS's procedures with respect to rights in OASIS specifications can be found at the OASIS 456website. Copies of claims of rights made available for publication and any assurances of licenses to 457be made available, or the result of an attempt made to obtain a general license or permission for 458the use of such proprietary rights by implementers or users of this specification, can be obtained 459from the OASIS Executive Director. 460OASIS has been notified of intellectual property rights claimed in regard to some or all of the 461contents of this specification. For more information consult the online list of claimed rights. 462OASIS invites any interested party to bring to its attention any copyrights, patents or patent 463applications, or other proprietary rights which may cover technology that may be required to 464implement this specification. Please address the information to the OASIS Executive Director. 465Copyright (C) OASIS Open 2006. All Rights Reserved. 466This document and translations of it may be copied and furnished to others, and derivative works 467that comment on or otherwise explain it or assist in its implementation may be prepared, copied, 468published and distributed, in whole or in part, without restriction of any kind, provided that the above 469copyright notice and this paragraph are included on all such copies and derivative works. However, 470this document itself may not be modified in any way, such as by removing the copyright notice or 471references to OASIS, except as needed for the purpose of developing OASIS specifications, in 472which case the procedures for copyrights defined in the OASIS Intellectual Property Rights 473document must be followed, or as required to translate it into languages other than English. 474The limited permissions granted above are perpetual and will not be revoked by OASIS or its 475successors or assigns. 476This document and the information contained herein is provided on an “AS IS” basis and OASIS 477DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO 478ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY 479RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A 480PARTICULAR PURPOSE.</p><p>300c759f64cb623dcecd6ce45eff772a26.doc 7/17/2006 31Copyright © OASIS Open 2006. All Rights Reserved. Page 15 of 15</p>

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    15 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us