SSO v2.0 Proposed Recommendation: Request for Comments

Public discussion page for the IVOA SSO 2.0 Proposed Recommendation.

The latest version of the SSO Specification can be found at:

• http://www.ivoa.net/documents/SSO/20151029/index.html

Comments from the IVOA Community and TCG members during RFC period: 2015-11-01 - 2015-12-13

Comment by Pierre Fernique

1. Are there authenticated services already described in the VO registry ? and if yes, is it already in use ? Can we considered it as a reference implementation ? And in fact, do we have reference implementations ?
2. Author list and editor lists seems to not follow the current usage of IVOA. It is a little bit strange to have all the Grid and Web service group as authors, and 3 editors. Maybe it opens the question concerning the method to keep knowledge of successive editors.
3. I wonder if all complementary sections (short introduction to each authentication method) are really relevant in an IVOA standard. I would suggest to put all normative points in a dedicated section and move all explanation of existing authoritative methods in an general non normative section, or as an appendix.
4. The structuration of section 3 could be modified for avoiding the section 3.1 alone item.
5. Appendix A must have a short introduction to explain what is this long XML schema. The title "VOResource SecurityMethod extract" is definitively not clear.
6. must, may, shall... should be in uppercase in normative sections.

• p1: Andreé => André
• p4: user?s => users
• p4: service?s => service
• p4: Is => If a service
• p6: as having a em Web => ?
• p7: table 1 label strangely folded