Subject: SSTC Telecon, 18 September 2001 - minutes
Minutes for SSTC Telecon, 18 September 2001
Dial in number: +1 334 262 0740 Meeting ID#856956.
Minutes taken by Gavenraj & Joe

Agenda

* Attendance
  Attached at bottom of these minutes. Quorum achieved.

* Ratification of minutes from F2F#4
  [Vote: Approved]

* ratification retry for "green issues" in Hal's issues-to-be-closed doc
  (e-mail: RE: Issues to be closed at the Sept 4 Concall (revised list)31-aug-01)
  [Vote: Approved]
  [Action - Hal]: Update issues list

* sponsorship of issues in saml-issues doc
  - issues need sponsors to stay on to-resolve for 1.0 list (extended to 9/28)
  - another week to raise hands & sponsor issues
  [Vote: Approved]

* Regarding message from Karl Best
  - Anybody could join TC list
  - put proposal on table to continue on vote
  - to have voting members status you must be a member and to champion an issue

* workload balancing
  - JeffH needs to pass on some tasks
  - Can anyone help website maintenance and document repository upload
  - Jeff to send out explicit requests to mailing list

* uncovered tasks
  - DSIG profile (any takers?)
  - Krishna will act on this.

* a SAML/Kerberos integration discussion group will be created
  - send mail to Joe to join him (by 9/14) => extended to 9/21

* "whiteboard issues" from F2F#4 - which are closed?
  - Issue owners, please be prepared to discuss status
  - need to prioritize (on the call? yes?)
  - owner will assert priority, TC can comment.
  (for each issue/action a want resolved by date will be assigned during the call)

[Action - Bob B & Marlena]: <Subject> in Core doc to correspond to Artifact
>> vexed, offline discussion. Monday - for status

[Action - Bob B.]: Return of not current valid assertions to RP (e.g. post dated)
>> Text in Bob's powerpoint, sending in e-mail the text.

[Action - Charles]: To write a concrete proposal that would allow Authorities to provide helpful info about why certain requests failed. This would be really helpful during initial deployment when you can't figure out why things aren't working. This could/should be turned off in production.
>> 8/30 - proposal sent to list

[Action - Chris McClaren]: will champion the sec-consider-xx issues and drive this subprocess.
>> to start this week.

[Action - Chris]: to write-up versioning strategy and distribute to mailing list [done Aug 30]
>> done.

[Action - Don]: Smart client profile - develop a proposal
>> to send out by Monday

[Action - Don]: to elaborate the number of 1-1 relationships and propose how to fix the resulting scaling issues.
>> to send out by Monday

[Action - Gil]: [DS-6-01:Nested Attributes] Not sure how SAML could address this
>> revisit at next call

[Action - Gil]: To make a proposal on the mandatory use of HTTPS
>> Prateek will take on. Report back end of next week.

[Action - Hal & Bob B]: Artifacts are bearer instruments, Assertions are not
>> E-mail, Hal doesn't believe this any more

[Action - Hal]: Agrees to create a proposal that indicates why we should minimize the number of profiles, specifically "Form POST".
>> Withdrawn

[Action - Hal]: to take all the proposed closed issues (green) and send them out for ratification at the next concall. [Completed 8/31 - ratification awaiting next concall with quorum]
>> Done

[Action - Hal]: to write scenarios (and / or provide definitions) for how NameIdentifier is used (e.g., when it is in SubjectConfirmation to identify an assertion vs. when it is used to represent the assertion referent)
>> Bob's slides, will send out e-mail today.

[Action - Irving]: Multiple NameIdentifiers are dangerous - Irving to write up proposal.
>> *** Discuss in focus meeting today

[Action - Irving]: to investigate and write up WAP limits
>> e-mail sent today.

[Action - Jeff]: threat model discussions to be removed from the bindings doc - but rationale preserved somewhere in SAML documents.
>> Handoff to Chris this week; (Prateek will join for how to split)

[Action - Marlena]: SHIB desires 00-02 artifact type (anonymous user & attribute assertions - non personal identifiable info) core design issue.
>> reconsidering need for this.

[Action - Marlena]: to write a proposal to create another Web Browser profile that retrieves an Attribute Assertion rather than an Authentication Assertion.
>> Same as above

[Action - Marlena]: to write up use of artifacts for queries
>> Query handle in request for assertion - anonymous subject discussion will resolve this

[ACTION - Phil]: agreed, the core spec will state that all elements need to explicitly call out the SAML namespace. Phil to make changes.

[Action - Phil]: Will produce a core-16 that just contains the notional and twiddles before any major changes to schema and protocols.
>> processing comments from eve, looking at choice groups. end of week next.

[Action - Prateek]: "Security properties of Assertion Handle" (Bob Blakley to act as reviewer).
>> One more cycle through bindings con-call - at least through mid next week. Bob - may linger in review process

[Action - Prateek]: Lookup by artifact: Agreed that he should submit a detailed proposal to the Core outlining specific changes to specific sections. Includes new request-response protocol not currently defined in HTTP binding
>> In part addressed in core-16. status by 9/20

[Action - Prateek]: Oracle attacks WRT SOAP Profile
>> References from Bob. 9/21

[Action - Prateek]: Push profile / use case to be dropped from document (Paul Leach's claim that this would assist SAML/Kerberos integration was never developed - Paul to present this case if he wishes to re-instate this profile)
>> out for now.

[Action - Prateek]: Should the Bindings Group select either the HTTP or SOAP protocol bindings for inclusion in the final spec?
>> open - reasons for inclusion of both profiles or elimination of 1 should be sent to the list (by 9/25)

[Action - Prateek]: Should the SOAP binding address the issue of intermediaries - generate proposal for how
>> *** discussion at focus today

[Action - Prateek]: This is an editorial issue about the names of profiles. Prateek to revise current document.
>> single sign on terminology to be included in next version

[Action - Simon]: write a concrete proposal that outlines the change to the nature of the authorization query.
>> idle, report at next con call

[Action - Tim]: First Contact - will write up what can be done with the current design.
>> out with next binding doc

New Items:
>> prateek: pseudonym or somewhat anonymous subject identifiers

Meeting Adjourned.

Attendance: As of the end of the SSTC Meeting, September 18, 2001

Attendance: Voting Members

Gavenraj Sodhi          Access360
Irving Reid             Baltimore
Mack Hicks              Bank of America
Larry Hollowood         Bank of America
David Orchard           BEA
Krishna Sankar          Cisco
Ken Yagen               Crosslogix
Simon Godik             Crosslogix
Hal Lockhart            Entegrity
Fred Moses              Entitlenet
Carlisle Adams          Entrust
Alex Berson             Entrust
Robert Griffin          Entrust
Tim Moses               Entrust
Don Flinn               Hitachi
Joe Pato                HP
Jason Rouault           HP
Maryann Hondo           IBM
Marc Chanliau           Netegrity
Prateek Mishra          Netegrity
Jeff Hodges             Oblix
Charles Knouse          Oblix
Steve Anderson          OpenNetwork
Mark Griesi             OpenNetwork
Michael Lyons           OpenNetwork
Darren Platt            RSA
Jahan Moreh             Sigaba
Eve Maler               Sun
Aravindan Ranganathan   Sun
Ron Monzillo            Sun
Bob Blakley             Tivoli
Marlena Erdos           Tivoli
Sridhar Muppidi         Tivoli
Bob Morgan              UWashington
Phillip Hallam-Baker    Verisign
Thomas Hardjono         Verisign
Tony Palmer             Vordel

New Members

Mary Ann Hondo          IBM

Other Attendance (Prospective Members and Observers)

Scott Cantor            Ohio State University

Others to note

Evan Prodromou          RSA - Placed on observer status
Kelvin Beeck            Talking Blocks - Lost Membership status
Nigel Edwards           HP - Withdrawn