security-services message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: SSTC minutes 04-09-21 v2
- From: <Frederick.Hirsch@nokia.com>
- To: <security-services@lists.oasis-open.org>
- Date: Tue, 21 Sep 2004 14:32:40 -0400
Attached are revised v2 draft minutes from today's call, added attendance, link to Liberty document and
fixed spelling on Nick's name.
regards, Frederick
Frederick Hirsch
Nokia
-------
Minutes SSTC Teleconference
21 September 2004
v2
Minute Taker - Frederick Hirsch, Nokia
Attendance of Voting
Members
Conor P.
Cahill AOL,
Inc.
John Hughes Atos Origin
Hal Lockhart BEA
Ronald
Jacobson Computer
Associates
Gavenraj Sodhi Computer Associates
Paul Madsen Entrust
Carolina Canales-Valenzuela Ericsson
Irving Reid Hewlett-Packard Company
Paula Austel IBM
Michael McIntosh IBM
Anthony Nadalin IBM
Nick Ragouzis Individual
Scott
Cantor
Internet2
Bob Morgan Internet2
Prateek Mishra Netegrity
Forest Yin Netegrity
Peter Davis Neustar
Frederick Hirsch Nokia
Abbie
Barbir
Nortel
Scott
Kiester
Novell
Cameron Morris Novell
Charles Knouse Oblix
Steve Anderson OpenNetwork
Ari Kermaier Oracle
Vamsi Motukuru Oracle
Darren Platt Ping Identity
Jim Lien RSA Security
John Linn RSA Security
Rob Philpott RSA Security
Dipak Chopra SAP
Jahan Moreh Sigaba
Jeff Hodges Sun Microsystems
Eve Maler Sun Microsystems
Ron
Monzillo Sun
Microsystems
Mike Beach The Boeing Company
Greg Whitehead Trustgenix
Membership Status
Changes
John Hughes Atos Origin - Returned from LOA before 9/21/2004 call
Adam Dong Sun Microsystems - Lost prospective status after 9/21/2004 call
--
Steve Anderson
OpenNetwork
Agenda:
1. Agenda
bashing
Rob - proposal to move vote earlier in agenda, agreed
to get to vote in 1st half-hour by discussion items from agenda #3
necessary first.
34/45
- quorum achieved, 2/3 available
Minutes approved by unanimous
consent.
3. Changes since
14-Sep con-call
3i) Discussion of items that impact CD and public
review votes
a. Rob: I suggest adding
some text to request/response processing rules
Scott - clarify responders decide if
message is invalid and may decide not to process, normative that must return
error status, when responding, not required to respond. Fine
to specify what value is
for error response. Important not to return success if don't process message.
Artifact and query material is consistent
with this.
Proposal - Add following
text from Scott's message to section 3.2.2 of core - "complex type
status response type "
"If a SAML responder deems the message to be invalid according to SAML
processing rules, then if it responds, it MUST return a SAML response with
a
<StatusCode> element with the value
urn:oasis:names:tc:SAML:2.0:status:Requester"
Proposed by Scott,
seconded by Jeff.
Motion passes
with unanimous consent.
Discussion below.
Two definitions to add to glossary. Session already defined in
glossary.
Scott - Session Authority and
Session Participant should be defined in terms of
Session
Scott moves/Jeff seconds - Motion to add update
glossary with these definitions defined in terms of
Session
No objections to unanimous
consent.
d. Prateek:
Editoiral Action: investigate why we need separate sub-sections 4.1 and 4.2 in
conformance document
Discussion below.
Jeff - have gotten comments on IETF list, Scott
and Jeff incorporated comments, drafts are close to done.
Will repost to IETF list to be sure. If good then
will send to IESG.
Motion: Incorporate these two appendices into the
documents, consider as part of the documents we are voting
on
Jeff moves, Scott
seconds.
Discussion:
John Linn - any risk of further changes requiring
further revisions?
Jeff - don't expect so, expect any changes to be
editorial. This is registration material. For IETF normative, from SSTC
informational. What is normative is in our specs, names given in SSTC
specification, have had months of
review
Motion carries with unanimous
consent
Metadata change was previously
discussed.
g. JohnK/Eve:
Updates to all Authn Context schema
files
Discussion
below.
4. Vote on CD
status for CD-02 docs
Update status to CD status at end of meeting, documents
with changes previously accepted in this meeting.
Moved
- Frederick, Second - Hal
Motion carries by unanimous consent. (2/3 vote
carries)
5. Vote on
submission for OASIS Public Review.
Moved - Scott , Seconded -
Frederick
Eve asks
about having review longer than 30 days. Concern about getting 3 attestations.
Public review a good time for this.
Rob- not really connected issues, can extend if
necessary with later decision
Hal - OASIS will post notice regarding comment
period
Nick Ragouzis - Does this set an automatic
implied date for OASIS balloting?
Rob - at end of review period, will need to address
comments depending on comments received.
Call for objections -
Tony - abstain due to interoperability
issue.
Roll Call Vote (majority vote
required)
27 Yes, 4 abstains.
Motion carries. Committee drafts will be submitted to
OASIS for public review.
3ii) Discussion of Agenda
item 3 Editorial items
Issues list
Action Item: Scott to update examples in bindings
specification (editorial).
Prateek - Why separate MTI cipher suites for browsers
and clients. From 1.1 we had made some distinctions, including requiring
programmatic clients to implement TLS instead of SSL, encouraging AES, while
recognizing the large base of existing browsers supporting
SSL.
No further comments.
g. JohnK/Eve:
Updates to all Authn Context schema files
- John Kemp made changes to rename version of
authentication context schemas to version 2.0 (file name change, internal
mention of file name). Meeting OASIS file name
requirements.
6. V1.1 Errata/Corrigendum
Jahan - volunteers offers to maintain a new errata
document for v1.0 and v1.1 - deleting old errata that have been already
incorporated into specifications.
Eve: definitions: errata - reported mistake,
corrigendum - is correction to reported mistake.
7.
Action Item review
8. Other
Discussion
a) Meeting Plans
28 Sept - Focus call
5 Oct - Focus call
12 Oct - Quorum call, on going quorum call,
bi-weekly (every other week starting with 12 Oct)
Focus calls on alternate weeks.
b) Interop Discussion
Please respond with interest in SAML 2
interop to list, so venue may be planned. Need SSTC volunteer to coordinate.
Nick - focus calls might be useful about testing
procedures, Liberty ID-FF 1.2 testing procedures might be
useful
Rob - need Liberty permission
Jeff - if chairs ask, permission might be
forthcoming.
Hal - isn't document public, so is there an
issue?
Jeff - Question is derivative works.
See
"IOP Procedures IDFF-1.2-v062.pdf"
Hal moves that chairs liaise with Liberty and get
permission to use documents and make derivative works
Seconded by Jeff
Motion passed by unanimous consent.
Chairs take action item
Jeff offers to help.
Nick - will SSTC continue to ask for volunteers to
help with IOP?
Jeff - would be great if SSTC member would help
coordination as an SSTC representative.
Rob - Developer only, no marketing
interop.
Jeff - no finished products required
Will discuss interop on next week focus
call.
8.
Adjourn
Meeting adjourned.
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]