[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Minutes from SSTC Conference Call, May 10
Attendance and status changes at the end of the message.
Summary:
Focus calls are cancelled for the time being; next meeting will be a full TC conference call on May 24, 2005.
Motion to begin an electronic vote on Committee Draft status for the X509-based attribute profile is tabled, pending another revision of the document (see agenda item 3a below)
TC voted to approve response to Thomas Grosz (http://www.oasis-open.org/committees/download.php/11191/sstc-gross-sec-analysis-response-01.pdf) as a Committee Draft. Note, there was no discussion of whether this triggers an action item for the chairs to update and publish the document.
Action Items: #0222, #0220 closed, all others remain open.
- irving -
> Subject: [security-services] Agenda for SSTC Conference Call, May 10
>
0. Agenda bashing: add vote on Thomas Grosz response message to agenda
Add discussion of process changes for voting to agenda
Steve Anderson: new TC process changes the rules for who is in good voting status: there is no longer a "warning period": If you miss two out of any three meetings, you are automatically dropped. There is a new status "TC member who is not a voting member"; presumably you fall into that class.
Steve's interpretation of the current rules is that once you drop of by this rule, you must explicitly request reinstatement and then go through the standard "attend two out of next three" to gain voting status.
Rob: there is ongoing discussion among OASIS and TC chairs about this rule change.
> 1. Accept minutes from April 12 conference call
>
> http://lists.oasis-open.org/archives/security-services/200504/
msg00096.html
Moved: Conor, no objections, accepted.
> 2. Administrative Info:
>
> SSTC conference call every 2 weeks
> (next call on May 24th - no more focus calls scheduled)
No discussion.
> 3. Vote on creation of two distinct electronic ballots for moving the
> following documents to CD status
> (requires simple majority only)
>
> a. sstc-saml-x509-authn-based-attribute-profile-draft-0.5.pdf
> http://www.oasis-open.org/apps/org/workgroup/security/download
.php/12464/sstc-saml-x509-authn-based-attribute-protocol-> profile-2%200-draft-05.pdf
Moved: Frederick
Seconded: RL Bob
Scott: Thomas sent some comments on X509 draft, and Scott has some comments; also an error in the Xpath draft. Scott feels this (and the attribute profile draft) aren't ready for vote
Rick: agrees; suggests motion be tabled.
Draft author: feels that it should be possible to incorporate comments within the next week
> b. sstc-saml-2.0-xpath-attribute-profile-draft-02.pdf
> http://www.oasis-open.org/apps/org/workgroup/security/download
.php/12486/sstc-saml-2.0-xpath-attribute-profile-draft-02.pdf
Prateek / Cameron: agree to go one more round of revision, and bring a new draft forward for next TC meeting.
Prateek: Would like to discuss the Thomas Grosz response document now; asks for a motion.
Frederick moves that the document go to Committee Draft status; RL Bob seconds.
Discussion about whether it is appropriate for the TC to respond to this paper in an official capacity, since the original critique was not submitted to the TC in any way (it was published as a conference paper).
Procedural discussion: under new OASIS rules, CD status now requires only a simple majority, not the 2/3 majority previously needed.
Question is called; Tony objects, roll call vote...
26 for, 3 against, 1 abstain, out of 39 voting members; motion carries.
> 4. SAML Testing Referral Program Proposal for SSTC Review & 30 Day
> Feedback - Response to SSTC Feedback (Andy will join the call)
> http://lists.oasis-open.org/archives/security-services/200504/
msg00125.html
Andy is not on the call, so there's a limit to how much we can accomplish in discussion. People re-raise the issues that have been discussed on the mailing list: concerns about a competing vendor also running the testing infrastructure.
Frederick: This was discussed by the OASIS board, with Andy, and we should wait for him to send out an update.
> 5. SAML 2.0 Technical Overview status (version 5 to appear in the AM)
Ongoing.
> 6. Errata Status and New Items
>
> a. sstc-saml-errata-2.0-draft-06.pdf (published April 25)
> http://www.oasis-open.org/apps/org/workgroup/security/download
.php/12388/sstc-saml-errata-2.0-draft-06.pdf
>
> b. Another attempt at AllowCreate cleanup
> http://lists.oasis-open.org/archives/security-services/200505/
msg00014.html
Scott has gone about as far as he can; any comments, or does anyone else want to take a crack at it?
Brian: most recent text looks much better
> 7. Open Action Items
> #0222: Update technical overview document with federation materials
> Owner: Prateek Mishra
> Status: Open
> Assigned: 2005-05-09
> Due: ---
Done.
> ________________________________
>
> #0221: Request copy of Thomas Grosz paper for inclusion in
> SSTC archives
> Owner: Maryann Hondo
> Status: Open
> Assigned: 2005-04-12
> Due: ---
Maryann Hondo had to drop off the call; still open.
> ________________________________
>
> #0220: Respond to Rick R on subject confirmation issue on the
> X509 Attribute Sharing Profile
> Owner: Scott Cantor
> Status: Open
> Assigned: 2005-03-30
> Due: ---
Closed; incorporated in new draft.
> ________________________________
>
> #0217: Explore with OASIS how best to do publication of
> redlined specs based on errata.
> Owner: Eve Maler
> Status: Open
> Assigned: 2005-03-30
> Due: ---
Open
> ________________________________
>
> #0216: Formulate some suggested redline text for E7 for review.
> Owner: Jahan Moreh
> Status: Open
> Assigned: 2005-03-30
> Due: ---
Open
> ________________________________
>
> #0213: Prepare final CD draft of metadata-1x document and
> submit it to OASIS
> Owner: Eve Maler
> Status: Open
> Assigned: 2005-03-29
> Due: ---
In progress; still open (update AI to also include metadata extension)
> ________________________________
>
> #0210: Links to new IPR policy to be sent to SSTC
> Owner: Rob Philpott
> Status: Open
> Assigned: 2005-03-15
> Due: ---
In progress; open
> ________________________________
>
> #0208: Run additional tests to check issues with deflate
> encoding and rfc1951 (java libraries)
> Owner: Scott Cantor
> Status: Open
> Assigned: 2005-03-01
> Due: ---
Open
> ________________________________
>
> #0180: Need to update SAML server trust document
> Owner: Jeff Hodges
> Status: Open
> Assigned: 2004-07-12
> Due: ---
Open.
Hal: Two weeks from today he will speak on SAML at the XML conference, using materials based on previous work by other TC members.
Rob: recently did a webcast on SAML and has some more materials.
Adjourned.
Attendance of Voting Members
First Last Company
Steve Anderson BMC
Conor P. Cahill AOL, Inc.
Carolina Canales-Valenzuela Ericsson
Scott Cantor Internet2
Peter Davis NeuStar
Wendy Gray JPMorganChase
Heather Hinton IBM
Frederick Hirsch Nokia
Jeff Hodges NeuStar
Maryann Hondo IBM
John Hughes Individual
Dana Kaufman Forum Systems
Ari Kermaier Oracle
John Linn RSA Security
Hal Lockhart BEA Systems, Inc
Paul Madsen NTT USA
Prateek Mishra Principal Identity
Ron Monzillo Sun Microsystems
Bob Morgan Internet2
Cameron Morris Novell
Vamsi Motukuru Oracle
Anthony Nadalin IBM
Rob Philpott RSA Security
Darren Platt Ping Identity
Nick Ragouzis Individual
Rick Randall Booz Allen Hamilton
Irving Reid Hewlett-Packard Company
Senthil Sengodan Nokia
Greg Whitehead Trustgenix
Thomas Wisniewski Entrust
Emily Xu Sun Microsystems
Attendance of Prospective Members or Observers
Alberto Squassabia Ping Identity
Peter Michalek Individual
Brian Campbell Ping Identity
Sharon Boeyen Entrust
Membership Status Changes
John Harby Individual - Requested Voting status 4/12/2005
John Hughes Individual - Returned from LOA before 5/10/2005 call
Dana Kaufman Forum Systems - Returned from LOA before 5/10/2005 call
Scott Kiester Novell - Lost voting status after 5/10/2005 call
Alberto Squassabia Ping Identity - Granted Voting status after 5/10/2005 call
Peter Michalek Individual - Granted Voting status after 5/10/2005 call
Martin Soukup Nortel - Lost prospective status after 5/10/2005 call
Atul Tulshibagwale Trustgenix - Lost prospective status after 5/10/2005 call
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]