Minutes of SSTC/Focus Telecon 21 August 2001

[Jeff Hodges <jhodges@oblix.com>]

Thanks to Gavenraj for taking the minutes. Lies of text from the agenda appears
in double quotes. unquoted lines are minutes proper. 

                                                                

                Meeting Minutes from 21 August OASIS SSTC/Focus telecon

Administrative
==============

 

- Membership report: new/removed members (Gavenraj)


- Roll call (Gavenraj)"

            - Send prospective and observer list

 

"- Approval of/additions to this agenda"

 

None 

 

"- Telecon Aug 7 Minutes approval"

 

            - Approval?:  Approved

 

 

"ACTION items

============

 

"ACTION: Prateek to start traceability review before the next TC telecon using
discussion-01 docs and going back to use
cases" (previous disposition: wait state)"

 

            -Wait state pass F2F

 

------

 

"ACTION: Jeff to create master bibliography and provide bibliography section
for document guidelines based on Eve's
draft submission to him. (Jeff was on the hook to try to get this done by
10-Aug)"

 

            - Evolved action item.  No one is on hook to create master
bibliography.  JeffH will work on this this week.

------

 

 

 

"ACTION: Marlena to champion DS-1-02, Anonymity Technique - status after
discussion thread of 20-aug"

 

            - Marlena is not on call.  Maintain on list.

------

 

"ACTION: Prateek to champion DS-3-03, ValidityDependsUpon."

 

            - Prateek will send out message within the next week to close out
issue but call out questions.

------

 

"ACTION: Jeff to champion DS-4-02, XML Terminology, aka Messages and
Packaging."

 

            - Still in wait state.

------

 

"ACTION: Hal to take Jeff's work on classification and composition of
Identifiers and "take it a step further".

      previous status: still on hold, but getting closer.  Bob will check with
Jeff and Hal."

 

            - Sent out message last Wednesday, "identifiers in SAML".  Closed
with discussion on list.

------

 

""ACTION: Hal to comb thru core-12 post issuance and identify those issues that
he feels it addresses (as a way to try cull
the open issues in the Issues doc).

 

see:
http://www.oasis-open.org/committees/security/docs/draft-sstc-saml-issues-04

.pdf"

 

-         Still open. "

 

- Hope to have this done today.  Half a dozen new or missed issues to go with
it.  Will make it relative to current issues list,
core-14.

 

 

Editorial deadline - Today for SAML discussion at F2F.

 

 

 

 

 

 

 

"Subcommittee reports

 

====================

 

"- Issues list (Hal)""

 

            - Minor update to issues list will be coming.

 

"- Focus (Joe for now)"

 

            - Last week, discussion were held around core-14 doc, moving to
clear definition of issues.  Today's focus group
will be around F2F scope.  Mainly six (6) issues will be discussed.

 

"- Bindings (Prateek)" 

 

            - Many threads moving forward.  A lot of material around web
browser profile.  Discussing Shibboleth profile.  More
recent thread from Hal on broader issues on further items we want to capture in
bindings.  

 

"- Conformance (Robert Griffin)"

 

            - Should bindings me part of conformance?  Do we need more
information to nail it down.

 

"- Considerations (Jeff for now)"

 

             - Laid out structure for presenting analysis on security
considerations.  Provide links to relevant discussions.  Look
at work from ebXML.  Would like to have discussion on it at F2F.

 

"- Sessions (Hal)"

 

            - Haven't not done anything.  At F2F, timeout discovery
(relationship between local and global session) and
proposed algorithm for timeout discovery.

 

"- Pass-through (Stephen)"

 

            - Not on call.  Would like email that this may be postponed.

 

Liaison reports

 

===============

 

"XKMS, XML Encryption, XML Protocol, BEEP, Shibboleth, DSML, XACML..."

 

- XKMS:  Chartered and activity proposal.  Will send note of link.  Proposing
working group to standardize XKMS.

 

-         XML Protocol:  DaveO:  No actions or phone calls from formation. 
Time is to use SAML as use call as overlap
between encryption and protocol.

 

-         BEEP:  Bindings document needs to be hacked up.  Discussions of how
to format URI that refer to stuff that are
layered on top of BEEP that may be relation to SAML.  Another thing may be BEEP
profile of SAML.

 

 

"Doc Editor/Repository report"

 

-         Bob Blakely:  Nothing to report.  People would assign line numbered
documents to PDF.  At SSTC website, in
document section under committee draft, will list what normative documents
are.  Will list supportive documents including
today's material as well as F2F.  

o       Action:  JeffH: to update web page and add docs.

o       Documents for F2F must be up by today.

 

============================

 

"Adjourn."

 

            - Moved to adjourn.

 

"Focus Team Meeting:

 

F2F #4 Planning

            Please e-mail suggestions for topics and timings for next week"

 

-         Six items discussed last week.

o       Let's clear most of the stuff that has been sitting around.

o       If you ask, you will get time.

o       Sessions needs about 20 - 30 minutes.

o       Explicit discussion on single sign-on concern should occur

o       Browser bindings.  Need to go into details, especially web browser
profiles.  Expose what is in the 25-page
document.  Half a day should be on bindings.

§         Need to get it clear on what bindings looks like.  Get a better
understanding from everyone at F2F.  Should happen
early on in the F2F.

·        What is scope of bindings that hasn't been discussed.

·        Details on profiles

·        Set time for Shibboleth individual to understand their web browser
profile.

·        Should present how they would use their architecture with SAML and see
where the deficiencies are.

·        Prateek, please send this as part of agenda (2/3 of day) to Marlena
since Bob Morgan will not be at F2F

o       Security considerations should be latter part of F2F, like the third
day.

o       JeffH:  may not be able to attend and should assign someone else also
to security considerations.

o       Conformance:  Half hour is needed.

o       Sessions:  Half hour is needed.

o       Session on core:  Phil:  2 hours. Run through docs and identify where
substantial debate.

o       Action:  Joe to send out first draft of agenda tomorrow.

o       People are to interested in using XSI Type, but possibly as
extensions.  Would like presentation from Eve on this. 
Possible interoperability issues.

§         Possibly looking for recommendation schema-wise.  What advantages and
disadvantages are.

o       DSIG:  Evan.

o       Interoperability Testing:  Latter of the F2F.  AD Hoc team should meet
after.  Half hour would be needed.

o       Boxcarring and Versioning:  Hal:  Are on list and time should be
allocated.  Boxcarring, core issue or binding issues?

o       Bindings and protocols. Prateek:

o       Walkthrough of schema and core issues:  Phil

 

 

-         Document owners