[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [security-services] agenda: SSTC telecon meeting tuesday 15-Oct-2002
Minutes from prior meeting... ------------------------------ [security-services] Minutes for Telecon, Tuesday 1 October 2002 http://lists.oasis-open.org/archives/security-services/200210/msg00015.html Agenda Items for 15-Oct-2002... ------------------------------- 1. Roll Call 2. Approval of prior meeting's minutes (see ref above) 3. Agenda bashing 4. Review of open Action Items (AIs)... ------------------- AI-2. Carlisle Adams to take the "Standardize Issuer Name Format" back to the XACML for more clear requirements and/or proposal. AI-3. Eve to ask other TCs about how they did their charter modifications. AI-5. Rob and Irving to look over Eve's submission on fragment identifiers AI-6. Jeff to determine if conformance language around the notions of profiles vs. extensions is really an issue [in progress (will try to do this week)] AI-7. Prateek & Jeff to look at Liberty provider metadata's applicability for SAML specs [in progress (will try to do before next meeting)] AI-8. Jeff to solicit comment on draft-sstc-xmlsig-guidelines-0{2|3} from Liberty arena. [in progress] AI-9. Scott to rev the draft-sstc-xmlsig-guidelines-02 doc to -03. [will do by next meeting 29-Oct] ------------------- 5. SAML v1.0 OASIS-wide vote tally can be monitored here.. http://lists.oasis-open.org/archives/tc-voting/ cyclone: yea asn-1.com: abstain rsa: yea bea: yea sun: yea entegrity: yea b of a: yea ca: yea ean-int.org: abstain hp: yea entrust: yea sap: yea overxeer: yea quadrasis: yea usdoj.gov: yea mtgmc: yea still need ~11 "yea" votes for SAML, if there's 250 oasis members (need 10% at least to vote "yea") So there's sstc participants who've yet to vote, please encourage your OASIS corp rep to do so! 6. where are we at with a SAML v1.1? todo list from item [A] of.. [security-services] Proposed, categorized To-Do list for SAML 1.x and2.0 (SAMLng/SAML.next) http://lists.oasis-open.org/archives/security-services/200208/msg00010.html > [A] Feasible Near-term high-priority items, and bug fixes > > - Bugs that are backwards-compatible (targeted to 1.1) > - Functionality that's backwards-compatible/orthogonal and > high-priority > - The list as a whole can be completed in 3-6 months > - Any decision that needs to be made in the short term > - the below items are in no particular order (ie unprioritized) > > - Formalizing operational agreements between sites (see Liberty > provider metadata schema (section 4 of [1]) and the saml-dev > work [2], for examples; this is guidance/facilitation work rather > than protocol work) [A.1] - above will be initiated w/ AI-7 - who will take those results and fold-in what was learned from the SAML interop event? > - WS-Security profile ([3], possibly to go to WSS TC) [A.2] - done. > - Figure out versioning of modularly published profile and binding > specs [A.3] - TBD. - this one has to do with how do we define and version SAML as a whole? - don't need to answer the below scenarios on this call, but need someone to sign up to consider the question and write a proposal - presently we refer to the "SAML v1.0 specification set", and have "version" elements in assertions, request msg, and response msg. what should we do if we eg rev the bindings and profiles spec in the future, w/o making changes to -core ? what should we do if we write a separate b2b profile spec -- what's the version of that spec once approved as a OASIS std, say? > - Sharpen conformance language around the notions of profiles > vs. extensions [A.4] - this is AI-6, in progress > - Express that an assertion should not be cached [A.5] - need volunteer to consider this and see if mods to spec are needed, and propose said mods if so. > - Fix fragment identifier gaffe [4] [A.6] - mods "on the table, essentially ready to go (modulo Eve's last question)" > - Standardize issuer name formats (request came from XACML) [A.7] - this is AI-2 > - Fix xmldsig issues (might turn out to be a [B] item) [5] [A.8] - for 1.1, this will be addressed by Scott's dsig doc (yes?) 7. Discussion of xmldsig guidelines - scott will have a -03 rev out by next meeting - further discussion from thread on list? 8. Discussion of credentials collection (?) 9. any other business? 10. adjourn
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC