[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: Minutes for Telecon, Tuesday 30 September 2003
Omitted the following Membership Status Change: Mike Beach Boeing - Requested membership 9/19/2003 -- Steve > -----Original Message----- > From: Steve Anderson > Sent: Tuesday, September 30, 2003 2:25 PM > To: oasis sstc (E-mail) > Subject: Minutes for Telecon, Tuesday 30 September 2003 > > Minutes for SSTC Telecon, Tuesday 30 September 2003 > Dial in info: +1 865-673-3239 #238-3466 > Minutes taken by Steve Anderson > > ====================================================================== > Summary > ====================================================================== > > Votes: > > - Minutes from 16 September 2003 call accepted > - To accept Eve's proposal to bulk close the remaining V1.1 > deferred issues > > Notable Decisions > > - Work item list closed, and work items that have not made > progress by 14 Oct may also be terminated > > Previous Action Items Still Open: > > - #0072: Authentication Context > - #0077: Authorization Decision Reconciliation > - #0069: Baseline Attribute Namespaces > - #0074: Create SAML 2.0 issues list > - #0065: Credentials Collector > - REASSIGNED to Tim > - #0068: Delegation and Intermediaries > - #0061: Kerberos Use Cases for SAML 2.0 > - #0064: Metadata and Exchange Protocol > - #0063: Profile Enhancements for Metadata > - #0082: Promised V2.0 Changes > - #0060: Publish pointer to SAML 1.0 Session Materials > - #0070: SAML as a SASL security mechanism > - #0059: Session Support > - #0066: SSO Profile Enhancements > - #0076: XACML Proposal for Policy Transport > > New Action Items: > > - Rob to post new F2F attendance ballot > - Eve to send out hotel info for F2F, and check on Sun rates > - Rob to draft charter changes > - Eve to update work items document to v08 > - Prateek to ping Hal for a date for AI #0077 & #0060 > - Eve to suggest categories for issues list > - Eve to indicate in the v2.0 issues doc what became of old > issues > - Prateek to ping Frederick on AI #0082 > - RLBob to ping Jeff on keeping/closing AI #0070 > > ====================================================================== > Raw Notes > ====================================================================== > > > > > Agenda: > > > > 1. Roll call > > > > - Attendance attached to bottom of these minutes > - Quorum achieved > > > > > 2. Accept minutes from previous meeting, 16 September > > < http://lists.oasis-open.org/archives/security-services/ > > 200309/msg00076.html > > > > > - [VOTE] unanimous consent, accepted > > > > > 3. October 22-24 SAML V2.0 F2F #2 logistics > > > > Host? > > Attendance confirmation ballot > > Other? > > > > - Rob: got mail from Jeff indicating that he can host at Sun > - XACML TC is planning to meet at beginning of same week > - Will XACML meet on of 22nd? > - Hal: yes, in morning, since SSTC planned to meet in PM > - discussion of location proximity > - XACML meeting in San Jose, SSTC meeting in Santa Clara > - seems to be less than 15 minutes away > - [ACTION] Rob to post new F2F attendance ballot > - Eve: suggests 2 hour lunch/travel break on 22nd > - Hal: can make sure XACML breaks early enough > - Rob: will plan SSTC F2F to run 1:30 - 4:30 on Wed, and 9:30 - 5:30 > Thurs and Fri > - Eve: someone had asked about hotels > - Scott: Marriott next to Sun > - Hal: suggests Yahoo, put in address, > - [ACTION] Eve to send out hotel info for F2F, and check on Sun rates > - Rob: would be useful to know whether cars would be necessary at > various hotels > > > > > 4. V2.0 charter clarification > > > > Now that we have agreed on a V2.0 goal statement, we need to update > > the SSTC charter (in OASIS TC process terms, it needs to be > > > "clarified"). Specifically, our list of deliverables needs to be > > updated now that we've completed 1.1. > > > > Current charter is at > > < http://www.oasis-open.org/committees/security/charter.php > > > > > OASIS TC process is at > < < http://www.oasis-open.org/committees/process.php#charter > > > > > Needs recorded approval vote of 2/3 total membership (not just > > 2/3 of a meeting with quorum) and notification/approval of OASIS > > TC Administration. > > > > - Rob: what would 2/3 of current membership be? > - Steve: 18 > - Rob: need someone to pose charter wording to list > - [silence] > - [ACTION] Rob to draft charter changes > > > > > 5. V2.0 Work Item review > > > > - Prateek: we had announced intention to close work item list about now > - [RESOLVED] Work item list closed, and work items that have not made > progress by 14 Oct may also be terminated > > > > > Identify and discuss the top priority items from the work > > list/action item list to discuss on today's con-call > > > > < http://www.oasis-open.org/committees/download.php/3530/ > > sstc-saml-scope-2.0-draft-07.doc > > > > > - [ACTION] Eve to update work items document to v08 > - Rob: still need owners for some of these > - W12 > - Prateek: not clear that this was linked to XACML > - Rob: just looking at category keywords > - Scott: thinks this was just going to be influenced by XACML- > related work > - W13 > - Eve: we deferred this, will update in v08 > - W22 > - W23 > - W24 > - W27 > - need to make sure that there aren't unassigned items that people > feel strongly about, because they will get dropped > - Rob: there have been several postings on work items > - Prateek: we had promises on dates on several action items at last > meeting > - would like to 'crack the whip' a little > - suggests a focus group call next week, to complete some of the > details discussions > - wants to clarify ownership of AIs > - Rebekah: has 2 solutions to submit, but wasn't sure how > - Rob: if you're a voting member (and she is), you can go to > 'Documents' tab on TC home page > - in 'V2.0 Working Docs' section, can click 'Add doc' > - Rebekah: has had trouble on that page, may be related to unusual > browser > - will send to list > > > > > > #0075: Attribute Reconciliation > > Owner: Rebekah Lepro > > Status: Open > > Assigned: 16 Sep 2003 > > Due: --- > > Comments: > > Active work item - Waiting for solution proposal > > XACML and SAML structure their attribute information differently. > > This needs to be addressed. > > > > - Rebekah: has something to submit later today > - [sent before end of call] > < http://lists.oasis-open.org/archives/security-services/ > 200309/msg00101.html > > - CLOSED > > > > > #0072: Authentication Context > > Owner: Jeff Hodges > > Status: Open > > Assigned: 16 Sep 2003 > > Due: --- > > Comments: > > Main task is to approrpiately move Liberty AuthContext > > specification into OASIS (so it becomes a standard). > > Jeff will ping Paul Madsen to see if he is interested. > > > > - Prateek: need to find an owner > - tentative date is still 14 Oct > - Jeff will be trying to find an owner > > > > > #0077: Authorization Decision Reconciliation > > Owner: Hal Lockhart > > Status: Open > > Assigned: 16 Sep 2003 > > Due: --- > > Comments: > > This includes issues of whether to make backwards-incompatible > > changes to the existing structure (and/or deprecate it). > > > > - Prateek: there was no promised date on this > - stays open > - [ACTION] Prateek to ping Hal for a date for AI #0077 (along with #0060) > > > > > #0069: Baseline Attribute Namespaces > > Owner: Bob Morgan > > Status: Open > > Assigned: 16 Sep 2003> > > Due: --- > > Comments: > > Use-case discussed at F2F and generally supported. Waiting for > > solution proposal. > > For example, a DSML or X.500 profile for a person's attributes > > expressed in SAML. > > > > - RLBob: still working, target date 7 Oct > - Rob: in time for focus call? > - RLBob: will try > > > > > #0074: Create SAML 2.0 issues list > > Owner: Eve Maler > > Status: Open > > Assigned: 16 Sep 2003 > > Due: --- > > > > - Eve: hasn't created formal list, but sent email before call listing > the ones she has > < http://lists.oasis-open.org/archives/security-services/ > 200309/msg00100.html > > - from email: > - Null-value attributes (saml-dev) > - Version skew confusion (between SAML and Liberty) > - Maryann: what is goal? to synch them up? > - Eve: maybe just something to be aware of as we work, > rather than a formal issue > - could be covered in the Exec Overview > - Multiple Kerb confirmation method URIs (came up at F2F) > - The individual promised V2.0 changes (see AI #83 below) > - we had categories before, and we probably need to refresh those > categories > - if anyone has suggestions, would welcome them > - [ACTION] Eve to suggest categories for issues list > > > > > #0065: Credentials Collector > > Owner: Jeff Hodges > > Status: Open > > Assigned: 16 Sep 2003 > > Due: --- > > Comments: > > Waiting on use-case proposal. > > > > - Tim: working on use case proposal > - REASSIGN to Tim > - will have draft for F2F > > > > > #0068: Delegation and Intermediaries > > Owner: Bob Morgan > > Status: Open > > Assigned: 16 Sep 2003 > > Due: --- > > Comments: > > Delegation and Intermediaries > > Use cases that support arbitrary multi-hop delegation. Liberty > > WSF supports one-hop impersonation. The relationship of this > > to WSS needs to be sorted out. This relates to the Fidelity > > need for a WSRP profile. This is related to W-11. The item > > "multi-participant transactional workflows" was folded into > > this one. > > WAITING for Use-Case proposal. > > > > - RLBob: complexity can get out of hand here > - Scott: can put use case forward > - RLBob: will target week before F2F > > > > > #0071: Enhanced Client Profiles > > Owner: Frederick Hirsch > > Status: Open > > Assigned: 16 Sep 2003 > > Due: --- > > Comments: > > Use-case discussed at F2F. Awaiting candidate solution. > > > > - Frederick sent proposal > < http://lists.oasis-open.org/archives/security-services/ > 200309/msg00084.html > > - CLOSED > > > > > #0073: Extract enhancement requests from current issues list > > Owner: Eve Maler > > Status: Open > > Assigned: 16 Sep 2003 > > Due: --- > > > > - Eve: sent email on this > < http://lists.oasis-open.org/archives/security-services/ > 200309/msg00091.html > > - [MOTION] To accept Eve's proposal to bulk close the remaining V1.1 > deferred issues > - [VOTE] passes > - [ACTION] Eve to indicate in the v2.0 issues doc what became of old > issues > - CLOSED > > > > > #0078: IssuerName Enhancement > > Owner: Rebekah Lepro > > Status: Open > > Assigned: 16 Sep 2003 > > Due: --- > > Comments: > > XACML would like to have "datatyping" of issuers. > > > > - Rebekah: just submitted > < http://lists.oasis-open.org/archives/security-services/ > 200309/msg00102.html > > - CLOSED > > > > > #0061: Kerberos Use Cases for SAML 2.0 > > Owner: John Hughes > > Status: Open > > Assigned: 15 Sep 2003 > > Due: --- > > Comments: > > John presented some Kerberos-SAML use-cases at the F2F. Next > > steps are to revise the materials and respond to comments. > > Meeting minutes describe the following next steps: (1) write up > > presentation to drill down details (2) also rollup to ensure> > > that business needs are met. > > > > - John: hopes to post on Monday > > > > > #0064: Metadata and Exchange Protocol > > Owner: Jahan Moreh > > Status: Open > > Assigned: 15 Sep 2003 > > Due: --- > > Comments: > > Means of publishing and communicating meta-data. Waiting on a > > solution proposal. > > > > - Jahan: had promised by 7 Oct, which is still the target > > > > > #0063: Profile Enhancements for Metadata > > Owner: Jahan Moreh > > Status: Open > > Assigned: 15 Sep 2003 > > Due: --- > > Comments: > > Waiting on a solution proposal. > > > > - Jahan: will provide by 14 Oct > > > > > #0082: Promised V2.0 Changes > > Owner: Eve Maler > > Status: Open > > Assigned: 16 Sep 2003 > > Due: --- > > Comments: > > Removing (core) > > Removing (core) > > Removing deprecated NameIdentifier URIs (core) > > Requiring URI references to be absolute (core) > > Disallowing as the only child of a SOAP (bindings) > > Removing deprecated artifact URI (bindings) > > > > - Covered already on call > < http://lists.oasis-open.org/archives/security-services/ > 200309/msg00100.html > > - Eve: assumes she is to implement these > - some are hers, some are Frederick's > - promises hers for 14 Oct > - Frederick is on hook for part > - [ACTION] Prateek to ping Frederick on AI #0082 > > > > > #0060: Publish pointer to SAML 1.0 Session Materials > > Owner: Hal Lockhart > > Status: Open > > Assigned: 15 Sep 2003 > > Due: --- > > > > - [ACTION] Prateek to ping Hal for a date for AI #0060 (along with #0077) > > > > > #0070: SAML as a SASL security mechanism > > Owner: Bob Morgan > > Status: Open > > Assigned: 16 Sep 2003 > > Due: --- > > Comments: > > Active work item -- waiting solution proposal. > > Defining SAML as a SASL security mechanism. > > Re-spun title of action item. > > > > - RLBob: F2F discussion was that this wasn't necessarily an AI for this > group > - to be an official IANA registered mech, it would have to be an IETF doc > - not that it isn't useful to do here, but not necessary to track > - Jeff may be the only one with strong feeling > - [ACTION] RLBob to ping Jeff on keeping/closing AI #0070 > > > > > #0059: Session Support > > Owner: John Kemp > > Status: Open > > Assigned: 15 Sep 2003 > > Due: --- > > Comments: > > Use case document was presented at the Sep 2003 F2F and will be > > revised based on comments given there. Once that is complete, a > > gap analysis between the use cases and available material in > > Liberty is required. That will be followed by a solution > > proposal. > > > > - Eve: he sent out doc > < http://lists.oasis-open.org/archives/security-services/ > 200309/msg00097.html > > - Scott: more of a defining doc, than a solution proposal, etc > - stays open > > > > > #0066: SSO Profile Enhancements > > Owner: Prateek Mishra > > Status: Open > > Assigned: 16 Sep 2003 > > Due: --- > > Comments: > > Moved to Active work item after F2F discussion and presentation > > of use-case. Candidate solution should reference both Liberty > > and SAML 1.1 draft. Need to conduct survey of "typical" data > > items transf. from SP to IdP. > > > > - Prateek: will publish by end of week > > > > > #0062: SSO with Attribute Exchange > > Owner: Prateek Mishra > > Status: Open > > Assigned: 15 Sep 2003 > > Due: --- > > Comments: > > High level use-case was presented at the F2F. Next steps are to > > specify the use-case in detail. > > > > - Prateek: use case doc has been published > < http://lists.oasis-open.org/archives/security-services/ > 200309/msg00092.html > > - CLOSED > > > > > #0076: XACML Proposal for Policy Transport > > Owner: Hal Lockhart > > Status: Open > > Assigned: 16 Sep 2003> > > Due: --- > > Comments: > > Waiting on a solution proposal. > > XACML has asked for a SAML-based solution to transporting > > requests for policies and the policies themselves. > > > > - Scott: major AI was for committee to determine whether it would own it > or defer to XACML > - stays open until Hal can speak to it > > > > > 6. Any other business > > > > - Rob: focus group con call next week? > - Tony: what's purpose? > - Prateek: to work through proposals > - Eve: won't be able to attend > - Rob: agrees we need to make progress through submitted docs > - Prateek: there will be an agenda, but it won't be a quorate call > - will state what docs we'll review > - Prateek: just realized that he can't attend > - Jahan: can only attend after 1pm ET > - Eve: may be too late to plan > - had planned alternate week editorial calls, but only as necessary > - Rob: suggests, then, that at next formal call (14 Oct), we plow > through some of these > - will return to 2 hour calls > - really need people to be prepared, having read the docs > - Eve: can we get agendas out sooner? > - Rob/Prateek: will shoot for Fri before call > - Eve: will send out edited work item list shortly after this call > - Rob: will have link to this doc off TC home page > - Eve: editorial stuff > - sent out email covering this before call > < http://lists.oasis-open.org/archives/security-services/ > 200309/msg00100.html > > - from email: > - Each lead editor to get his/her document up to V2.0 > readiness, possibly changing the data format as well > (most people were interested in using OpenOffice) > - Jahan: where can we get OpenOffice? > - Eve: openoffice.org > - Jahan: is OpenOffice required? > - Eve: left it open > - discussion of adding notes to PDF, seems you can with > Distiller > - Rob to update the website with additional material > - Eve: can talk offline about these items > - John Hughes to produce drafts of the executive and > technical overviews. (We brainstormed outlines for > these last week.) > - Eve to send out links to handy resources. (Done.) > - Eve to enhance the FAQ with additional material. > - are there any others? > - John: took action to contact Burton to get quotes for > exec overview > - Eve: will track these as separate list, and will be reflected > in each call's agenda > - Rob: when do we want F2F ballot to close? > - Eve: make it 15 Oct > > > > > 7. Adjourn > > > > - Adjourned > > > ---------------------------------------------------------------------- > > Attendance of Voting Members: > > Hal Lockhart BEA > Ronald Jacobson Computer Associates > John Hughes Entegrity Solutions > Maryann Hondo IBM > Anthony Nadalin IBM > Scott Cantor Individual > Bob Morgan Individual > Rebekah Lepro NASA > Prateek Mishra Netegrity > Senthil Sengodan Nokia > Charles Knouse Oblix > Steve Anderson OpenNetwork > Eric Gravengaard Reactivity > John Linn RSA Security > Rob Philpott RSA Security > Dipak Chopra SAP > Jahan Moreh Sigaba > Eve Maler Sun > Emily Xu Sun > > > Attendance of Observers or Prospective Members: > > Jim Lien RSA > Tim Moses Entrust > Mike Beach Boeing > > > Membership Status Changes: > > Tim Moses Entrust - Requested membership 9/18/2003 Mike Beach Boeing - Requested membership 9/19/2003 > Timo Skytta Nokia - Requested membership 9/23/2003 > Darren Platt Individual - Withdrew 9/30/2003 > Peter Davis Neustar - Granted voting status after 9/30/2003 call> > Peiyin Pai CA - Granted voting status after 9/30/2003 call > Jim Lien RSA - Granted voting status after 9/30/2003 call > > -- > Steve >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]