[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Reminutes of SSTC/Focus 12 June 2001 telecon
[apologies for getting these out so late - I didn't have complete info from all the notes takers until fri eve and then I didn't get an opportunity to work on it this weekend.] minutes of SSTC/Focus 12 June 2001 telecon Administrative ============== - Membership report: new/removed members (Heather) see below - Roll call (Heather) see below - Approval of minutes for the last telecon: http://lists.oasis-open.org/archives/security-services/200105/msg00170.html with corrections from Irving Reid: http://lists.oasis-open.org/archives/security-services/200105/msg00172.html approved. - Consideration of new standing rule that allows co-chairs We need to adopt a new standing rule to allow for co-chairs. There is nothing in the OASIS by-laws that allows/denies this. Eve's candidate wording: "The SSTC shall allow for election of up to two TC chairs who share chairing responsibilities as they see fit. In this case, one of the two co-chairs shall take primary responsibility for communicating with OASIS staff." Motion to accept wording as amended. "The SSTC shall allow for election of up to two TC chairs who share chairing responsibilities as they see fit. In this case, one of the two co-chairs shall take primary responsibility for communicating with OASIS staff. This person will be designated as the 'Administrative Chair'." No objections, no abstentions, no debate. motion passed - Decision on how to choose nominees for chair (who will be Focus chair too) Eve's suggestion: "Take nominations from the floor, as for motions; require a second." Motion to do so accepted, no debate, no objections, no abstentions - Nominations and voting for new chair; handover Discussion of how to vote. First, agreement required on having 2 chairs (motion: to chose two co-chairs and to chose top two vote getters as co-chairs - passed) Nominations: Joe Pato - moved by Jeff H, seconded Pratik Pratik Mishra - moved Krishna, seconded by Phil HB Jeff Hodges - moved Marlena, seconded Joe Pato Each of the nominators gave short justification of their candidacy Vote: Joe - 27, Prateek - 11, Jeff - 30 Congratulations to Joe and Jeff and many thanks to Prateek for volunteering Jeff will act as "administrative co-chair" for now (may revise when Joe has more time later in August) - Approval of/additions to this agenda approved ACTION items ============ ACTION: Bob Blakley to develop and circulate a Word template for all specification contributors to use. - Target date 1 June Will do today (12 June) ACTION: Bob Blakley to propose simplified assertion data structures based on Phill's new document. - Target date 1 June This is already happening, Bob absolved ACTION: Prateek to do traceability review before the next TC telecon. Wait till things settle down and then review later ACTION: Jeff Hodges to update the Glossary to reflect F2F #2 decisions. - Target date 12 June 01 Not done. Jeff to talk with Bob on how to do this (offline) ACTION: Eve to create master bibliography and provide bibliography section for document guidelines. - Target date 5 June 01 Not done yet - Eve anticipates more time now and will have new target date of June 15 ACTION: Subgroup leaders to get new materials to BobB (and security- editors list) by COB June 14 in preparation for publishing the F2F versions of the spec. no "action" required from group; Bob would like f2f-inclusion materials to be marked as such in the email header (allows Bob to more easily search email). Please mail to security editors as well as overall list ACTION: Marlena to champion DS-1-02, Anonymity Technique, and confer with BobB and Phill. Marlena has sent out email but has not heard anything. Is waiting for more clarification on Assertions topic before pushing for this item. ACTION: Prateek to champion DS-3-03, ValidityDependsUpon. Prateek is working on this, trying to clarify notion around dependencies/relationships between assertions (subject component of an assertion being itself an assert, as well as auditing type assertions)> Prateek hopes to have something in the next couple of days. ACTION: Dave to champion DS-4-01, Top or Bottom Typing. Still needs to be discussed ACTION: Jeff to champion DS-4-02, XML Terminology, aka Messages and Packaging. Onto do list ACTION: Tim and Dave to brainstorm further on how to proceed with DS-4-03, Assertion Request Template. Dave is starting to generate instances of queries and trying to write these in his proposed syntax. F2F #3 ====== - Meeting page Does contain hotel info, Eve will maintain the meeting page, if J&J notify Eve with agenda info. J&J to talk to Eve offline - Evite status Please respond if you have not already done so - we do not yet have quorom and need to find out what is happening (real meeting or focus meeting) - Goals for this F2F: . Review and approve as much of the design as possible . Assess plans for implementation and conformance . Figure out the end-game schedule Subcommittee reports ==================== - Issues list (Hal) Hal went thru the recent changes in the issues list and color schemes. - Focus (Eve for now) Had an interesting meeting last week. Uncovered misunderstandings of assertions Vs claims. May be we will use atoms, molecules instead of assertions/claims. There is no TC recommendation yet. The assertions structure is still fluid. - Bindings (Prateek) There are three issues which the group wanted to raise : Terminology, Use of public registry and subject attributes to a SOAP payload. The issues would be added to the issues list - Conformance (Krishna) Had sent the conformance clause to the list. Wanted comments and ideas from the TC. At f2f we will have the conformance clause document and also the conformance program document to review and discuss. - Considerations (Jeff) They have pointed to applicable material (e.g. from Shibboleth and IETF guidelines), but haven't done too much else yet. There's a fair amount of analysis that needs to be done. Jeff may need to hand over some or all of this work; Hal may be able to help. - Sessions (Hal) Pretty inactive lately; Dave has been working on assertion structures instead. Hal will take up the most recent action item on session issues. - Pass-through (Stephen) No info. Liaison reports =============== XKMS, XML Encryption, XML Protocol, BEEP, Shibboleth, DSML, XACML... XACML: Hal has been doing some championing of the potential uses of XACML in SAML. Everyone should read that thread. Technical issues to discuss/approve =================================== None; use this time to get agreement on how to proceed with assertion schema? Open mike (new issues) ====================== Three new issues arose in our discussion of the binding group's work. Adjourn ======= (Next meeting: 19 JUne 2001 Focus telecon; +1 334 262 0740 participant code #856956) adjourned. Focus subcommittee agenda ========================= - Latest issues list: http://lists.oasis-open.org/archives/security- services/200105/doc00011.doc - Core assertions structure/completeness work Dave's review of his latest proposal: First diagram is recursive top-typed assertions. Molecules can contain other molecules. Second diagram is three-level top-typed assertions. This uses compounds, molecules, and atoms distinctly. Third diagram is Phill's core-07 model. He prefers the recursive structure; reusing the same structure at different levels is appealing. He'd like us to talk about that. Eve's review of her latest proposal: It looks somewhat like Dave's second diagram, but is less specific about XML type hierarchies. Regarding process: She'd like to see us ensure that we are confident about our list of items to cover in the XML representation, and then work on their configuration, and only then worry about naming (basically a top-down approach). Dave commented that our approach to querying will have a moderate impact on the kind of assertion language we design. How does the stuff in core-07 relate to Tim's protocol writeup? There seems to be somewhat of a disconnect. Tim suggested that the first priority is whether to reuse an existing query language. Dave spoke in favor of XML Query (loosely typed) rather than a SAML-specific (strongly typed) method. BobB asked: If you have a notion of recursive assertions, what do you request in order to get that back as a response? Dave suggested that this be added to Tim's other scenarios. Eve asked when you ever need a true query, as opposed to merely a confirmation that (e.g.) a particular authorization assertion is true. How many questions do we really need to ask of SAML authorities? When do you cross the line into querying a policy store? Gil: This may be an issue of performance and scalability. Dave: There are three approaches: - (Eve) Lock down the specific list of requests - (Phill) Middle ground, strongly typed queries - (Dave) Lots of expressiveness, weakly typed queries BobB: The more extensible it is, the more non-understandable forms are possible, sometimes causing interoperability issues. Gil: Some "well-formed" queries may be unanswerable by a particular authority. Dave: So precisely where do we want to allow extensibility when it comes to requests and queries? Jeff's summary: - Some of the information in table #1 of protocols-00 answers the questions Eve raised. - Are we designing our own query language, or are we intending to profile XML Query, or do we really need "queries" for our SAML requests? - There's a question about whether schemas for assertions are related to schemas for queries/requests. We need to design the atoms in order to get guidance on the higher levels. ACTION: Dave and Eve will try to combine and flesh out their assertion proposals for the purposes of the F2F version of the spec, and check with Phill to see if he wants to move forward with that or propose a core-08 alternative. Whatever proposals are available will be put into the assertion chapter of the spec. --- end
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC