security-services message



Subject: Minutes for Telecon, Tuesday 17 February 2004


Action items
Hal will generate a posting on possible need to liaison.
Maryann will consult with Michael and Tony regarding work item W5b and will get back with the group by next call.
All: Need to comment on Scott's message on 10-Feb (msg #00102)
John H and Tim will spend early next week working on the solution proposal for W-25.
Eve: Action to implement 28-b in core.
ALL: Please review the current action items and update them. Prateek will follow up.
Minutes for SSTC Conference Call, February 17
--------------------------------------------
Roll call.  Attached to end of minutes.
Quorum achieved.
1. Accept minutes from the February (2-5) F2F meeting at Burlington, MA
<http://lists.oasis-open.org/archives/security-services/200402/msg00123.html>
Eve Maler moves to accept minutes of F2F meeting. Raj Sodhi seconds the motion. No objections. Accepted by unanimous consent.
2. Interop report.
Rob reported that interop is going well. Needs a speaker from TC to participate in the press conference. Rob has volunteers to be the TC representative. TC approves Rob to be the TC representative to the press event.
3. Time-lines and next F2F planning
- Next F2F Mar 30 - April 1
(Mike McIntosh to confirm hotel details etc.)
Due to flight schedules it is proposed to start the third day at 8:30 and end at 11:30 AM.
Prateek: proposes March 16 as absolute cutoff date of text for proposed specification text (no "new" text or documents after that date)
Eve: we can refine the proposed text during the focus call on the 23rd.
4. Focus call for the 24th
Due to RSA conference there will be some people who cannot make the call. Rob and Prateek may be able to call in depending on the state of the Interop. Eve can call in. Bob Morgan can call in. Scott will likely be able to call in.
5. Work Item Review
Work through latest version of sstc-saml-scope document available from the OASIS document repository. The following work items do not have solution proposals at this time and are at risk:
W-5b: SOAP Client Profile (Mike McIntosh, Tony Nadalin)
W-9: XML Encryption (Hal Lockhart)
W-15: Delegation and Intermediaries (Bob Morgan, Scott Cantor, Ron Monzillo)
W-25: Kerberos Support (John Hughes, Tim Alsop)
W-21a: Document describing instances of "baselines attribute namespaces" (John Hughes, Prateek Mishra)
Eve walked through the document. In many cases the proposals' status is that "it passed" (based on F2F).
Prateek: does this mean that the editors will pick up material from ID-FF 1.2 and include it in the material?
Eve: Session-related editing has begun. Federation has also begun. Frederick has split up bindings and profiles.
Eve: Notice to editors: all accepted proposed solutions should be in draft by the next call.
Scott: is working through identity federation and has suggested changes to core. With this, Work Item W2 is "done".
Prateek has a number of action items with respect to SSO with attribute exchange; he will work through it.
Eve: W3 - Action on Jahan to update document.
Scott: has published schema proposal.
Jahan: Will publish a draft as soon as TC comments on Scott's schema (probably by 3/2).
W5: The cycle over the next week is John, Scott and then Eve.
W5a: Frederick has split Binding and Profiles. There is some commonality between the two. Eve suggests that maybe the commonality should move to core.
Eve: W5a is in a fairly good shape and is pending comment from TC.
W5b: SOAP client profile.
Scott: This is a good starting point but does not believe we can complete in time for 2.0.
Maryann: neither Michael nor Tony is on the call. Can I answer any questions?
Prateek: We do not know the status of the item. We have announced a cut off date. We do not have proposed text. Scott has put some proposals but we do not have a final text.
Maryann: Trying to understand what we need here.
Scott: his review resulted in identifying issues and what needs to be addressed in order to have a proposed text.
Prateek: needs to make work item owner aware that there is no solution proposal.
Maryann: what is the process for getting the feedback to the owners so they can respond?
Scott: we are at a point that we need an absolute schema proposal.
Ron: it seems that some of the Subject discussion is about the Assertion and W5b is about interacting with an authority. Therefore, there seems to be a separation between the two.
Prateek: We need a proposal like: "modify the AuthN req/response protocol in such and such way and modify the Subject in some ways to satisfy the use case".
Maryann: It seems we have a dependency on Scott's work.
Scott: we will be done by end of this week
Prateek: there is really no dependency. There is a need for a solution proposal.
Scott: has posted an AuthN request message schema and it's already on the list. The people responsible for this work should take this AuthN request proposal and see if it fits their needs or make alternative solution proposals.
Hal: Need to liaise with the XDI TC, which is doing work in the space of Authority Domain.
Eve: what is XDI?
Hal: XRI Data Interchange. They are at the bottom of the OASIS web page.
Action Item: Hal will generate a posting on possible need to liaison.
Action Item: Maryann will consult with Michael and Tony and will get back with the group by next call.
Discovery proposal: have accepted solution proposal. Will have text by March 16 deadline.
W8: Authentication Context. Solution proposal has been accepted.
Eve: needs to be turned into a spec.
John H.: should be done by the end of this week.
W9: Hal will add proposed text this week.
W14: SAML server trust. Need to re-format.
Jeff: will do it by next week.
W15: delegation and intermediaries.
Eve: needs technical discussion. Ron has made a proposal and revised the proposal.
Eve: should discuss the proposal and vote if we can.
Ron: The document as it is written is a core document associates the assertion with the key in a way that restricts the use of confirmation. This does not seem appropriate to him.
Scott: need lots of text and proposed changes AuthN request. Does not see if it can be done by 2.0. Need to address what "holder of key" means.
Ron: if we agree to accept Scott's req/resp then that will take us a long way towards completing this item.
Prateek: Next step: comment on what Ron and Scott have put out and start summarizing the solution.
Ron: finds a little hard to understand some of the terms (like issuer).
Action for all: Need to comment on Scott's message on 10-Feb (msg #00102)
W-19: Scott will provide text and Jeff will register a MIME type.
W-21: This item is at-risk. John H is waiting for input from Prateek and RLBob.
W-25: Kerberos support - Also at-risk; discussion has gone on, but there is no solution proposal.
Eve: Add to technical discussion list definitions and distinctions between profiles and bindings. John H and Tim will spend early next week working on the solution proposal.
W-27: Nothing new.
W-28: Eve's proposal is on the table. Rebekah asked Eve to include a bit more of her proposal for historical reference. To be discussed on next focus call. Changes are pretty minimal.
Eve: Action to implement 28-b in core.
6. Review of latest version of Issues list

Not enough time to cover this agenda item.
7. Action Item Review
Prateek will follow up with AI owners.
#0127 Remove short-lived assertion restriction from SSO Profiles
Owner: Scott Cantor
Status: Open
Comments:
Prateek Mishra 2004-02-16 14:57 GMT
I can give a hand with this (prateek)
#0126: Modify Trust Model Submission and re-cast into SAML
Owner: Jeff Hodges
Status: Open
Assigned: 16 Feb 2004
Due: ---
Comments:
----------------------------------------------------------------------------
#0125: Propose language to explain that AuthNResponse may contain attribute statements
Owner: Prateek Mishra
Status: Open
Assigned: 16 Feb 2004
Due: ---
Comments:
Prateek Mishra 2004-02-16 14:46 GMT
Easy to do but needs proposal on validity of assertion life-times as well.
----------------------------------------------------------------------------
#0124: Update meta-data specification with identifiers for SAML entities
Owner: Jahan Moreh
Status: Open
Assigned: 13 Feb 2004
Due: ---
Comments:
----------------------------------------------------------------------------
#0123: Obtain MIME type registration for HTTP lookup of SAML
Owner: Jeff Hodges
Status: Open
Assigned: 13 Feb 2004
Due: ---
Comments:
----------------------------------------------------------------------------
#0122: Arrangements for Austin F2F
Owner: Michael McIntosh
Status: Open
Assigned: 13 Feb 2004
Due: ---
Comments:
----------------------------------------------------------------------------
#0121: Make a proposal that meets the W-28a* goals and discussion points.
Owner: Eve Maler
Status: Open
Assigned: 11 Feb 2004
Due: ---
Comments:
----------------------------------------------------------------------------
#0119: Extension of AuthNRequest - AuthNResponse protocol
Owner: Scott Cantor
Status: Open
Assigned: 11 Feb 2004
Due: ---
Comments:
Prateek Mishra 2004-02-11 22:35 GMT
Scott: Proposes to change AuthnRequest to handle some of this.
Ron: would like to help
PROPOSAL: get basic integration of AuthnRequest/Response and then look at the various use cases to see how they can be integrated in. (Scott)
----------------------------------------------------------------------------
#0118: Solution proposal for encryption use-cases
Owner: Hal Lockhart
Status: Open
Assigned: 11 Feb 2004
Due: ---
Comments:
Prateek Mishra 2004-02-11 22:33 GMT
ACTION: Hal to produce text to describe 3 use cases for SSTC to consider.
----------------------------------------------------------------------------
#0117: Describe use-cases for attribute-based SSO in relationship to ID-FF 1.2 NameIdPolicy
Owner: Prateek Mishra
Status: Open
Assigned: 11 Feb 2004
Due: ---
Comments:
----------------------------------------------------------------------------
#0116: Investigate removal of NotBefore/NotOnOrAfter from BaseNameIdentifier
Owner: Scott Cantor
Status: Open
Assigned: 11 Feb 2004
Due: ---
Comments:
Prateek Mishra 2004-02-11 22:17 GMT
ISSUE: Consider removing NotBefore/NotOnOrAfter based on sessions discussion. Sync up validity period (Scott)
ACTION: Scott to think about this more
----------------------------------------------------------------------------
#0115: Update metadata drafts with ID-FF 1.2 materials
Owner: Jahan Moreh
Status: Open
Assigned: 19 Jan 2004
Due: ---
Comments:
Prateek Mishra 2004-01-20 03:27 GMT
Jahan:
ACTION: Update the metadata draft if necessary according to the latest ID-FF V1.2 materials. (Scott will also review for this purpose.)
<http://lists.oasis-open.org/archives/security-services/200312/msg00064.html>
----------------------------------------------------------------------------
#0114: Propose language to address attribute-based federation
Owner: Prateek Mishra
Status: Open
Assigned: 19 Jan 2004
Due: ---
Comments:
<http://lists.oasis-open.org/archives/security-services/200312/msg00064.html>
----------------------------------------------------------------------------
#0112: Update (W-7) discovery protocol solution proposal
Owner: Scott Cantor
Status: Open
Assigned: 19 Jan 2004
Due: ---
Comments:
Prateek Mishra 2004-01-20 03:17 GMT
ACTION: (SC) Update based on replacement of hash of succinct id by literal provider id.
----------------------------------------------------------------------------
#0110: Feedback from LECP profile interop
Owner: Frederick Hirsch
Status: Open
Assigned: 19 Jan 2004
Due: ---
Comments:
Prateek Mishra 2004-01-20 03:14 GMT
ACTION: (FH) Check with Liberty Interop for any problems that may have arisen with actual use of LECP profile.
----------------------------------------------------------------------------
#0109: Security concerns with LECP profile
Owner: Anthony Nadalin
Status: Open
Assigned: 19 Jan 2004
Due: ---
Comments:
Prateek Mishra 2004-01-20 03:12 GMT
ACTION: (FH) update to respond to Tony's security questions but we need to ask Tony for the specific problem he had in mind.
----------------------------------------------------------------------------
#0105: Respond to IBM Analysis Paper
Owner:
Status: Open
Assigned: 19 Jan 2004
Due: ---
Comments:
Prateek Mishra 2004-01-19 23:09 GMT
- [ACTION] Scott & Tony to make recommendations based on IBM security analysis paper
----------------------------------------------------------------------------
#0098: Why does XACML use a URI-based type system
Owner: Eve Maler
Status: Open
Assigned: 19 Jan 2004
Due: ---
Comments:
Prateek Mishra 2004-01-19 22:30 GMT
AI: Eve to ask Anne Anderson for the historical use cases that underlie the XACML decision to use a URI-based type system.
<http://lists.oasis-open.org/archives/security-services/200401/msg00043.html>
----------------------------------------------------------------------------
#0086: Non-HTTP use-cases related to the LECP profile
Owner: Bob Morgan
Status: Open
Assigned: 23 Nov 2003
Due: ---
Comments:
Prateek Mishra 2003-11-24 03:27 GMT
ACTION: Bob Morgan - more use cases. More generic use cases, maybe not involving HTTP. May involve WebDAV.


Attendance of Voting Members:

  Hal Lockhart BEA
  Gavenraj Sodhi Computer Associates
  Tim Alsop CyberSafe
  Paul Madsen Entrust
  Irving Reid HP
  Jason Rouault HP
  Maryann Hondo IBM
  Scott Cantor Individual
  Bob Morgan Individual
  Greg Whitehead Individual
  Prateek Mishra Netegrity
  Conor Cahill Netscape/AOL
  Peter Davis Neustar
  Frederick Hirsch Nokia
  John Kemp Nokia
  Charles Knouse Oblix
  Steve Anderson OpenNetwork
  Darren Platt Ping Identity
  John Linn RSA Security
  Rob Philpott RSA Security
  Jahan Moreh Sigaba
  Jeff Hodges Sun
  Eve Maler Sun
  Ron Monzillo Sun
  Emily Xu Sun
  Mike Beach The Boeing Company


Attendance of Prospective Members or Observers:

  Bhavna Bhatnagar Sun
  Miguel Pallares Ericsson
  Dipak Chopra SAP
  Rick Randal Booz Allen Hamilton


Membership Status Changes:

  Bhavna Bhatnagar Sun - Granted voting status after 2/17/2004 call
  Miguel Pallares Ericsson - Granted voting status after 2/17/2004 call
  Maneesh Sahu Individual - Requested membership 2/5/2004
  Senthil Sengodan Nokia - Requested membership 2/6/2004
  Rick Randal Booz Allen Hamilton - Requested membership 2/8/2004
  Von Welch NCSA - Withdrew 2/6/2004

--
Steve Anderson
OpenNetwork



