OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: [security-services] Agenda for con-call, 12 noon Eastern Time (US),February 4, 2003

Agenda for Tuesday, February 4, 2003

Call-in Numbers:

+1 334 262 0740

code: 856956

Courtesy: SUN microsystems

 

1. Agenda bashing

2. Acceptance of minutes from January 21 Con Call

http://lists.oasis-open.org/archives/security-services/200301/msg00013.html

3. Review (and approve?) V1.1 work items

4. Action Item review

5. Any other business

6. Adjourn

-----------------------------------------------

3. Propopsed SAML 1.1 work items

Acceptance Criteria:

  • Bugs that are backwards-compatible (targeted to 1.1)
  • Functionality that's backwards-compatible/orthogonal and high-priority
  • The list as a whole can be completed in 3-6 months
  • Any decision that needs to be made in the short term

    • The below items are in no particular order [A.* numbering taken from original list]:

    + [A.1] Metadata for formalizing operational agreements between sites.

    1. See also AI-27 below.

    01 draft and response to reviewers comments published in

    http://lists.oasis-open.org/archives/security-services/200301/msg00020.html

    http://lists.oasis-open.org/archives/security-services/200301/msg00021.html

    http://lists.oasis-open.org/archives/security-services/200302/msg00002.html

    + [A.2] WS-Security profile ([3], possibly to go to WSS TC)

    1. Closed.

    + [A-3] Figure out versioning of modularly published profile and binding specs

    1. See AI-19 below

    + [A-4] Sharpen conformance language around the notions of profiles vs. extensions

    1. See AI-6 below

    + [A-5] Express that an assertion should not be cached

    1. Hal Lockhart's proposal: http://lists.oasis-open.org/archives/security-services/200211/msg00011.html

    + [A-6] Fix fragment identifier gaffe [4]

    1. Approved proposal on this.

    2. Needs to be incorp'd in specs.

    3. See AI-15.

    + [A-7] Standardize issuer name formats

    1. See AI-25 below.

    2. Original request came from XACML: http://lists.oasis-open.org/archives/security-services/200211/msg00012.html

    + [A-8] Fix xmldsig issues

    1. For 1.1, Scott's dsig doc to become a non-normative component of the spec set.

    http://lists.oasis-open.org/archives/security-services/200212/msg00007.html

    2. Also see AI-18.

    Additional Proposed V1.1 Work Items:

    + [A-9] Fix items from the Errata List (see AI-29)

    Jahan has published new version capturing errors to date

    http://lists.oasis-open.org/archives/security-services/200302/msg00000.html

    + Additional web browser flows as suggested by interop and Shib experiences

    Scott has published use-cases describing the proposed new flows extending

    the SAML 1.0 web browser profiles

    http://lists.oasis-open.org/archives/security-services/200302/msg00003.html

    + Review SAML error model; message from Carlisle

    http://lists.oasis-open.org/archives/security-services/200302/msg00001.html

    + Are there additional work items? We plan to VOTE and CLOSE the SAML v1.1 list on

    February 17, 2003.

    4. List of Action Items

    ------------------------

    . Action Items carried over from previous conference call:

    AI-6. Jeff to determine if conformance language around the notions of profiles vs. extensions is really an issue

    AI-12. Prateek to draft analysis of use of XML Encryption in SAML

    no champion, deferred to SAML 2.0

    AI-15. Editor (Eve) to update documents with Eve's fragment ID recommendations

    AI-18. Irving to consult w/ Merlin Hughes on current XMLDSig issues

    AI-19. RobP will go back and look in issues list and see what he can come up with wrt item [A.3] in the SAML v1.1 to-do list.

    closed

    AI-20. Eve to update specs to 1.0

    AI-25. Eve to respond to Hal's IssuerName proposal with an attribute-based & an element-based solution

    AI-26. Carlisle to update Mike Just's credentials collection proposal

    carlisle is owner but deferred to SAML 2.0

    AI-27. Prateek to rev draft-sstc-meta-data-00 and add in schema.

    done

    AI-28. RobP to have RSAS convey a new "statement of licensing intent" to the SSTC that documents the additional two claimed applicable patents in addition to the prior two.

    AI-29. Jahan to start and own Errata list for current specs

    done

    AI-30. Scott to produce use case document for destination site first flow using Web Browser Profiles (Target late January)

    done

    AI-31. Jeff to send email to list on his interpretation of IPR issues surrounding using Liberty material

    AI-32. Rob will draft a usecase for an Attribute Authority, to be examined by the TC for profiling

    AI-33. Eve to update the charter based on discussion

     

    5. Any other business?

    ----------------------

    [Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

    Powered by eList eXpress LLC