[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: MINUTES OASIS IDCloud TC Meeting 06 February 2012
---------------------------------------- DRAFT MINUTES OASIS IDCloud TC Meeting 06 February 2012, 02:00pm to 03:00pm ET ---------------------------------------- Scribe: Gershon Janssen 1. Roll Call and Agenda Review Name Status ---- ------ Anil Saldhana Member David Kern Member Gershon Janssen Member Matthew Rutkowski Member Roger Bass Member Dominique Nguyen Member Cathy Tilton Member Rich Furr Member Observers: None. 8 people joined the meeting. This meeting quorates. Member status status changes: Lost voting rights: None. Gained voting rights: None. Now: 11 voting members in TC. 2. Approval of Minutes - 23 Jan 2012 Meeting: http://lists.oasis-open.org/archives/id-cloud/201201/msg00009.html Dominique Nguyen moves to approve the 23/Jan minutes. Roger seconds. No discussion; motion carries. 3. Use Case Document * Public Review Status Anil: - Matt put forward a request to the TC-admin; hopefully it gets published this week. - 15-day review; after the 15-day review, working on received comments, etc. we can formalize the Use Case document. Roger: - Question: will there be an HTML version available? Matt: - Word version is the proper document; HTML will be created though will not be the master version. - referencing from other docs, though, should be the PDF rather than the HTML. 4. Gap Analysis Document Gershon: - Talks to group through revision 1a of the gap analysis document and progress made during the informal gap analysis calls. - Process currently is to perform a coarse gap analysis for all use cases. First step is to identify standards only / identify relevant standards to all use cases - Ask input on the following: - list of standards in chapter 2 of the document: split out in available versions of standards? e.g. oAuth 1.0 oAuth 2.0 - Split out in various separate parts? e.g. OpenID consists of OpenID Authentication 2.0 (txt), OpenID Attribute Exchange 1.0 (txt), OpenID Provider Authentication Policy Extension 1.0 (txt), OpenID Authentication 1.1 (txt), OpenID Simple Registration Extension 1.0 (txt) and Yadis Discovery Protocol (Developed separately from OpenID, though used in 2.0). - Categorization for standards; what normalization to use? Matt: - Breaking it down by versions seems needed; e.g. oAuth 1.1 versus oAuth 2.0 - Also when talking about frameworks of standards, such as OpenID connect, we need to break it down in order to know what we are talking about. - About categorization of standards, consider using the already existing use case categorization. o this might be difficult with framework standards such as OpenID Connect Matt: - Trust between standards seems an important topic for us. - OASIS EICTEM is also looking at this. - Ask trust elevation TC to explain to us what they know and maybe help us with some frameworks, etc. for our benefit? Trust levels / definitions / gaps in with respect to trust; what framework do we analyse against. - AI for Matt: to post document to their list to ask for guidance on trust frameworks or pointers Anil: - trust elevation TC is at the use case gathering stage. - currently talking about the 4-levels of trust (NIST definition). Cathy: - they were also looking at the ISO version, which is broader than the NIST version. David: - There is a gap in understanding AuthN/AuthZ; any form of clearity is likely to be invaluable. Gershon: - Can we track back to initial submitters / owners of the use cases? Maybe we can ask them for their first take at the gap analysis to spur the inital discussion Next meeting on GAP analysis on upcoming Thursday. 5. Conferences Conferences coming up: - Gershon going to attend the EIC2012 6. Other Business No other business. 7. Adjourn Meeting adjourned.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]