[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Reminutes of SSTC/Focus 12 June 2001 telecon
[apologies for getting these out so late - I didn't have complete info from all
the notes takers until fri eve and then I didn't get an opportunity to work on
it this weekend.]
minutes of SSTC/Focus 12 June 2001 telecon
Administrative
==============
- Membership report: new/removed members (Heather)
see below
- Roll call (Heather)
see below
- Approval of minutes for the last telecon:
http://lists.oasis-open.org/archives/security-services/200105/msg00170.html
with corrections from Irving Reid:
http://lists.oasis-open.org/archives/security-services/200105/msg00172.html
approved.
- Consideration of new standing rule that allows co-chairs
We need to adopt a new standing rule to allow for co-chairs. There is nothing in
the OASIS by-laws that allows/denies this.
Eve's candidate wording:
"The SSTC shall allow for election of up to two TC chairs who share
chairing responsibilities as they see fit. In this case, one of the
two co-chairs shall take primary responsibility for communicating
with OASIS staff."
Motion to accept wording as amended.
"The SSTC shall allow for election of up to two TC chairs who share
chairing responsibilities as they see fit. In this case, one of the
two co-chairs shall take primary responsibility for communicating
with OASIS staff. This person will be designated as the 'Administrative
Chair'."
No objections, no abstentions, no debate. motion passed
- Decision on how to choose nominees for chair (who will be Focus chair
too)
Eve's suggestion:
"Take nominations from the floor, as for motions; require a second."
Motion to do so accepted, no debate, no objections, no abstentions
- Nominations and voting for new chair; handover
Discussion of how to vote.
First, agreement required on having 2 chairs (motion: to chose two
co-chairs and to chose top two vote getters as co-chairs - passed)
Nominations:
Joe Pato - moved by Jeff H, seconded Pratik
Pratik Mishra - moved Krishna, seconded by Phil HB
Jeff Hodges - moved Marlena, seconded Joe Pato
Each of the nominators gave short justification of their candidacy
Vote: Joe - 27, Prateek - 11, Jeff - 30
Congratulations to Joe and Jeff and many thanks to Prateek for volunteering
Jeff will act as "administrative co-chair" for now (may revise when Joe has
more time later in August)
- Approval of/additions to this agenda
approved
ACTION items
============
ACTION: Bob Blakley to develop and circulate a Word template for all
specification contributors to use.
- Target date 1 June
Will do today (12 June)
ACTION: Bob Blakley to propose simplified assertion data structures based
on Phill's new document.
- Target date 1 June
This is already happening, Bob absolved
ACTION: Prateek to do traceability review before the next TC telecon.
Wait till things settle down and then review later
ACTION: Jeff Hodges to update the Glossary to reflect F2F #2 decisions.
- Target date 12 June 01
Not done. Jeff to talk with Bob on how to do this (offline)
ACTION: Eve to create master bibliography and provide bibliography section
for document guidelines.
- Target date 5 June 01
Not done yet - Eve anticipates more time now and will have new target date
of June 15
ACTION: Subgroup leaders to get new materials to BobB (and security-
editors list) by COB June 14 in preparation for publishing the F2F
versions of the spec.
no "action" required from group; Bob would like f2f-inclusion materials to
be marked as such in the email header (allows Bob to more easily search
email). Please mail to security editors as well as overall list
ACTION: Marlena to champion DS-1-02, Anonymity Technique, and confer with
BobB and Phill.
Marlena has sent out email but has not heard anything. Is waiting for more
clarification on Assertions topic before pushing for this item.
ACTION: Prateek to champion DS-3-03, ValidityDependsUpon.
Prateek is working on this, trying to clarify notion around
dependencies/relationships between assertions (subject component of an
assertion being itself an assert, as well as auditing type assertions)>
Prateek hopes to have something in the next couple of days.
ACTION: Dave to champion DS-4-01, Top or Bottom Typing.
Still needs to be discussed
ACTION: Jeff to champion DS-4-02, XML Terminology, aka Messages and
Packaging.
Onto do list
ACTION: Tim and Dave to brainstorm further on how to proceed with DS-4-03,
Assertion Request Template.
Dave is starting to generate instances of queries and trying to write these
in his proposed syntax.
F2F #3
======
- Meeting page
Does contain hotel info, Eve will maintain the meeting page, if J&J notify
Eve with agenda info. J&J to talk to Eve offline
- Evite status
Please respond if you have not already done so - we do not yet have quorom
and need to find out what is happening (real meeting or focus meeting)
- Goals for this F2F:
. Review and approve as much of the design as possible
. Assess plans for implementation and conformance
. Figure out the end-game schedule
Subcommittee reports
====================
- Issues list (Hal)
Hal went thru the recent changes in the issues list and color schemes.
- Focus (Eve for now)
Had an interesting meeting last week. Uncovered
misunderstandings of assertions Vs claims. May be we will use atoms,
molecules instead of assertions/claims. There is no TC recommendation yet.
The assertions structure is still fluid.
- Bindings (Prateek)
There are three issues which the group wanted to raise :
Terminology, Use of public registry and subject attributes to a SOAP
payload. The issues would be added to the issues list
- Conformance (Krishna)
Had sent the conformance clause to the list. Wanted
comments and ideas from the TC. At f2f we will have the conformance clause
document and also the conformance program document to review and discuss.
- Considerations (Jeff)
They have pointed to applicable material (e.g. from Shibboleth and IETF
guidelines), but haven't done too much else yet. There's a fair amount of
analysis that needs to be done. Jeff may need to hand over some or all of
this work; Hal may be able to help.
- Sessions (Hal)
Pretty inactive lately; Dave has been working on assertion structures
instead. Hal will take up the most recent action item on session issues.
- Pass-through (Stephen)
No info.
Liaison reports
===============
XKMS, XML Encryption, XML Protocol, BEEP, Shibboleth, DSML, XACML...
XACML: Hal has been doing some championing of the potential uses of XACML
in SAML. Everyone should read that thread.
Technical issues to discuss/approve
===================================
None; use this time to get agreement on how to proceed with assertion
schema?
Open mike (new issues)
======================
Three new issues arose in our discussion of the binding group's work.
Adjourn
=======
(Next meeting: 19 JUne 2001 Focus telecon; +1 334 262 0740 participant
code #856956)
adjourned.
Focus subcommittee agenda
=========================
- Latest issues list:
http://lists.oasis-open.org/archives/security-
services/200105/doc00011.doc
- Core assertions structure/completeness work
Dave's review of his latest proposal:
First diagram is recursive top-typed assertions. Molecules can contain
other molecules. Second diagram is three-level top-typed assertions. This
uses compounds, molecules, and atoms distinctly. Third diagram is Phill's
core-07 model.
He prefers the recursive structure; reusing the same structure at different
levels is appealing. He'd like us to talk about that.
Eve's review of her latest proposal:
It looks somewhat like Dave's second diagram, but is less specific about
XML type hierarchies. Regarding process: She'd like to see us ensure that
we are confident about our list of items to cover in the XML
representation, and then work on their configuration, and only then worry
about naming (basically a top-down approach).
Dave commented that our approach to querying will have a moderate impact on
the kind of assertion language we design.
How does the stuff in core-07 relate to Tim's protocol writeup? There
seems to be somewhat of a disconnect. Tim suggested that the first
priority is whether to reuse an existing query language. Dave spoke in
favor of XML Query (loosely typed) rather than a SAML-specific (strongly
typed) method.
BobB asked: If you have a notion of recursive assertions, what do you
request in order to get that back as a response? Dave suggested that this
be added to Tim's other scenarios.
Eve asked when you ever need a true query, as opposed to merely a
confirmation that (e.g.) a particular authorization assertion is true. How
many questions do we really need to ask of SAML authorities? When do you
cross the line into querying a policy store? Gil: This may be an issue of
performance and scalability.
Dave: There are three approaches:
- (Eve) Lock down the specific list of requests
- (Phill) Middle ground, strongly typed queries
- (Dave) Lots of expressiveness, weakly typed queries
BobB: The more extensible it is, the more non-understandable forms are
possible, sometimes causing interoperability issues. Gil: Some
"well-formed" queries may be unanswerable by a particular authority. Dave:
So precisely where do we want to allow extensibility when it comes to
requests and queries?
Jeff's summary:
- Some of the information in table #1 of protocols-00 answers the questions
Eve raised.
- Are we designing our own query language, or are we intending to profile
XML Query, or do we really need "queries" for our SAML requests?
- There's a question about whether schemas for assertions are related to
schemas for queries/requests. We need to design the atoms in order to get
guidance on the higher levels.
ACTION: Dave and Eve will try to combine and flesh out their assertion
proposals for the purposes of the F2F version of the spec, and check with
Phill to see if he wants to move forward with that or propose a core-08
alternative. Whatever proposals are available will be put into the
assertion chapter of the spec.
---
end
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC