[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Agenda for SSTC Conference Call, May 11
My action items: > 5. Open Action Items > > #0153: add ReauthenticateOnOrAfter > Owner: Scott Cantor Still open, should be done in next draft. > #0150: Relax Single AuthNStatement Constraint > Owner: Scott Cantor > Status: Open I believe this may be nominally done, but Bob and I talked about this a couple of weeks ago, and I'm fairly sure this is a bad idea, unless we do a better job of explaining what multiple statements are supposed to mean. I think the old profile is underspecified. I haven't heard a use case yet for multiple authn statements in this profile that made sense to me. > #0148: Artifact format proposal for SAML 2.0 > Owner: Jeff Hodges I guess this was Jeff's, but I raised it last focus call, and this is done. > #0139: Followup on a recipient attribute for the encryption key > Owner: Scott Cantor Still open, but suspect we need to normatively create some kind of definition for this thing we varyingly refer to as entityID, providerId, etc. The intent is to normatively establish a length-limited URI as a vehicle for identifying system entities in the SAML domain model. Suggest we add this to core and hang additional spec off of that foundation. > #0138: Schema snippet for UID Attribute Profile > Owner: Scott Cantor Still open. > #0136: SSO Validity Proposal to be moved into bindings draft > Owner: Scott Cantor Believe this is done in latest profiles draft. > #0133: Review role of EncryptedNameID recipient attribute > Owner: Scott Cantor Think this is a duplicate of 139 (or vice versa). -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]