security-services message



Subject: Minutes for Telecon, Tuesday 22 April 2003


Minutes for SSTC Telecon, Tuesday 22 April 2003
Dial in info: +1 865 673 3239 #2383466
Minutes taken by Steve Anderson

======================================================================
                              Summary
======================================================================

  Votes:
  
    - Minutes from 15 April 2003 call accepted
    - RespondWith will be deprecated in SAML v1.1
    - Instruct editors to incorporate wording for AI #0031
      < http://lists.oasis-open.org/archives/security-services/
        msg00155.html >
    - Accept Scott's latest note on signatures
      < http://lists.oasis-open.org/archives/security-services/
        200304/msg00139.html >
    - Constrain our ID and IDRef type to bind them to xsd:ID
      and to remove the text in the spec that recommends ID assignment
      that is inconsistent with xsd:ID
    - Accept Scott's text clarifying use of base64 in FORM post
      profile
      < http://lists.oasis-open.org/archives/security-services/
        200304/msg00137.html >
    - Accept Prateek's proposed text for PE-4
      < http://lists.oasis-open.org/archives/security-services/
        200304/msg00134.html >
    - Accept the timeline as presented by Rob
      < http://lists.oasis-open.org/archives/security-services/
        200304/msg00133.html >
  
  Previous Action Items Still Open:
  
    - #0023 Editorial review of glossary and bindings
    - #0013 Request use of WS-Trust for CC proposal
    - #0004 Propose WSDL for SAML 1.1 meta-data specification

  New Action Items:
  
    - [none]
    
======================================================================
                             Raw Notes
======================================================================

> 
> Agenda:
> 
> 1. Roll call
>

- Attendance attached to bottom of these minutes
- Quorum achieved

> 
> 2. Accept minutes from previous meeting, 15 April
>    < http://lists.oasis-open.org/archives/security-services/
>      200304/msg00128.html >
>

- [VOTE] unanimous consent, accepted

> 
> 3. Discussion and Voting
>
>    (a) Proposed Timeline for SAML 1.1
>        < http://lists.oasis-open.org/archives/security-services/
>          200304/msg00133.html >
> 
>        Motion: Accept proposed time-line and move to implement plan
>

- Need a doc by 29 April to begin committee last call, if we want to 
  keep to this schedule
- Eve: thinks it is doable
    - nervous that we have to decide about the ID attributes on this
      call
    - also have to close any pending items today
- Prateek: we'll know by end of call if we can resolve all items
- Jahan: do we have the list of docs that will be published?
- Prateek: believes so
- we'll defer vote to end of call

>
>    (b) Jahan to report back on meta-data draft vs. Liberty meta-data
>        and prospects for inclusion in SAML 1.1
>

- Jahan: took a look at Liberty's metadata & discovery protocol, as
  well as our draft
    - good portion of Liberty's deals with real-time discovery of data,
      which we decided to be out of scope
    - if we keep that decision, it looks feasible to reconcile these
      in time
    - hopes by end of tomorrow, can put together a draft for people to
      look at
    - so first question is "is it ok to not say anything about how the
      information is exchanged?"
    - Scott: don't think we can afford to go there
    - Rob: agrees
    - Prateek: still thinks it's a long shot
- Rob: general question: what differences did you find?
    - Jahan: terminology differences
    - notion of more elaborate trust that we discussed, that doesn't 
      exist in Liberty
    - [a few more]
    - wants to use their terminology and water it down for our purposes
- Jahan: asks people to give it a serious read and comment on it when
  he posts it

>
> 4. Action Items
>
>    #0031 Clarify AuthorityKind description
>    Scott
> 
>    < http://lists.oasis-open.org/archives/security-services/
>      200304/msg00136.html >
>

- Scott: there's been discussion
- thinks AI is closed
- proposed reworded text
- Eve had brought up a valid point, that affects lots of things, not just
  this issue
    - not sure what the right answers are for this
- CLOSED
- Question is "what do we do?"
    - Scott: not sure we've thought it through
    - what would the WSDL definition be?
    - not sure you can talk about what's in the response
    - Eve: depends on the semantics you want
    - if you mention type name, you can mean that to be all instances
      of that type, or you can mention an element and mean just that
      instance
    - "For extension schemas, the value of AuthorityKind must be a 
      QName of one or more query elements that are desired to be 
      accepted"
    - Scott: fine with saying "if it's an extension, use a type", or
      even "use a type all the time"
    - Rob: is anyone using this?
    - Scott: we are, but would be minor change
    - Scott: believes metadata will supersede this
    - Rob: would we want to deprecate this at that time?
    - Scott: probably
- Eve will produce text and we'll vote on it later in call
    - Rob: can you include some comment to the possible future 
      deprecation of this
    - Prateek: both RespondWith and this were late entrants with
      controversy

>
>    #0030 Solicit input on deprecation of RespondWith
>    Rob Philpott
> 
>    < http://lists.oasis-open.org/archives/saml-dev/
>      200304/msg00009.html >
>

- Rob sent out message
- CLOSED
- Rob: also sent it directly to Phill Hallam-Baker
- [MOTION] RespondWith will be deprecated in SAML v1.1
- Prateek: we're spending a lot of cycles on clarifying this, and no
  one seems to be actually using it
- Phill: thinks much of the protocol (as opposed to the statements)
  will be deprecated in the future
- [VOTE] no objections, passes

>
>    REVISIT #0031
>

- Eve: has proposed wording
  < http://lists.oasis-open.org/archives/security-services/
    msg00155.html >
- CLOSED
- [MOTION] Instruct editors to incorporate wording for AI #0031
- [VOTE] no objections, passes

>
>    #0029 Update core section on Versioning
>    Eve Maler
>

- Eve: did it in core-05
- CLOSED
- Rob: some of us had promised to review it, and haven't yet

>
>    #0028 Summarize protocol/assertion disjoint versioning issue
>    Scott
> 
>    < http://lists.oasis-open.org/archives/saml-dev/
>      200304/msg00135.html >
>

- Scott: there were questions about how to express what kind of
  assertions can be carried in what kind of messages
- Prateek: do we need to enter into this in v1.1?
- Scott: doesn't think so, since it isn't a problem today, but rather it
  could be at some point later
- Eve: we agreed that we won't change namespaces on minor versions, 
  right?
- Scott: said we'd avoid it
- Eve: ok, until we do, we have some breathing room
- Scott: willing to propose a sentence or two on what is legal today
- CLOSED
- Scott will propose text, and we'll vote later in call

>
>    #0027 Propose additional signature note text
>    Scott
> 
>    < http://lists.oasis-open.org/archives/security-services/
>      200304/msg00139.html >
>

- Prateek: text has been online for a while
- CLOSED
- Eve: quite liked it
- had some editorial suggestions, but never posed them
- could be handled when incorporated by editor
- [MOTION] Accept Scott's latest note on signatures
- [VOTE] no objections, passes

>
>    #0026 Rationalize SAML IDTypes with XML ID attributes
>    Eve
>
>    < http://lists.oasis-open.org/archives/saml-dev/
>      200304/msg00005.html >
>

- Eve: most responses indicated that it wouldn't be much impact to 
  accommodate XML ID type requirements
- also need to remove advice about base64 encoding
- CLOSED
- [MOTION] Constrain our ID and IDRef type to bind them to xsd:ID
  and to remove the text in the spec that recommends ID assignment that
  is inconsistent with xsd:ID
- Prateek: so we're separately adding an ID attribute
- Eve: no, we're changing the existing ID
- we've had string-based identifiers in two areas (ID & IDRef), but
  they were not suitable for things such as XML Signature, so we're 
  further constraining our IDs and changing their type so they are
  suitable for such purposes
- Scott: notes that Liberty added an ID attribute, but our change won't
  create any conflict (there will just be two ID attributes available)
- [VOTE] no objections, passes

>
>    #0025 Publish SAML 1.1 timeline
>    Rob P.
> 
>    Closed (see above)
>

- CLOSED

>
>    #0021 Text to clarify use of base64 in FORM post profile
>    Scott
> 
>    < http://lists.oasis-open.org/archives/security-services/
>      200304/msg00137.html >
>

- Scott: submitted text
- CLOSED
- [MOTION] Accept Scott's text clarifying use of base64 in FORM post
  profile
- [VOTE] no objections, passes
- Jahan: would like to close out PE15, which is related
- Eve: agrees
- we've also closed PE9 with our AuthorityKind discussion

>
>    #0018 Describe degenerate cases of RespondWith
>    Rob P.
> 
>    Subsumed by #0030 above?
>

- Rob: not much more to say about it, considering #0030
- CLOSED

>
>    #0023 Editorial review of glossary and bindings
>    Eve
>

- Eve: haven't done it yet, have to do this week
- remains OPEN

>
>    #0013 Request use of WS-Trust for CC proposal
>    Maryann Hondo
>

- Maryann not still on call
- remains OPEN

>
>    #0009 Provide text for PE-9 
>    Rob Philpott
> 
>    Again, our old friend RespondWith?
>

- Eve: we've taken care of this already on today's call
- CLOSED

>
>    #0008 Incorporate changes for PE-4
>    Prateek 
> 
>    < http://lists.oasis-open.org/archives/security-services/
>      200304/msg00134.html >
>

- Eve: had missed this
- Prateek: has proposed text
- CLOSED
- [MOTION] Accept Prateek's proposed text for PE-4
- Prateek: we are placing a URI into a byte sequence, and we need some
  guidance on how to do it
- this is in a non-normative section
- someone commented that UTF-8 is a reasonable way to do it
- this is an area of confusion in the RFCs
- UTF-8 is basically the fix to use here
- [VOTE] no objections, passes

>
>    #0004 Propose WSDL for SAML 1.1 meta-data specification
>    Prateek
> 
>    Subsumed by Meta-data discussion above?
>

- Subsumed
- remains open

>
>    #0002 Attribute authority use-case
>    Rob Philpott
>

- Rob: will be closing this, as his customer will be joining and
  championing
- CLOSED

>
>    REVISIT #0028
>

- Scott: has proposed wording
- will discuss on list

> 
> 5. Any other business
>

- REVISIT timeline vote
    - Eve: believes she can, by COB Friday, get versions out that
      people can review and commit to
    - will be out for around 3 weeks after that
    - Prateek: has time to commit to review
    - Rob: will attempt to as well
    - Prateek: our intent then is to close our drafts on next call
    - Eve: concerning attestations, thinks previous attesters can
      choose to claim being updated to v1.1, rather than going
      feature-by-feature
    - [MOTION] Accept the timeline as presented by Rob
    - [VOTE] no objections, passes
- Hal: brief announcement
    - will be speaking at NAC spring meeting next week, representing
      OASIS

> 
> 6. Adjourn
>

- Adjourned


----------------------------------------------------------------------

Attendance of Voting Members:

  Irving Reid Baltimore
  Hal Lockhart BEA
  John Hughes Entegrity Solutions
  Carlisle Adams Entrust
  Scott Cantor Individual
  Simon Godik Individual
  Bob Morgan Individual
  Prateek Mishra Netegrity
  Charles Knouse Oblix
  Steve Anderson OpenNetwork
  Rob Philpott RSA Security
  Jahan Moreh Sigaba
  Eve Maler Sun
  Emily Xu Sun
  Phillip Hallam-Baker Verisign


Attendance of Observers or Prospective Members:

  Maryann Hondo IBM


Membership Status Changes:

  Jason Rouault HP - Lost voting status due to inactivity
  Timo Skytta Nokia - Granted voting status after call
  Clifford Thompson Individual - Granted voting status after call
  Padraig Moloney NASA - Granted voting status after call

--
Steve


