[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Minutes of SSTC Conference Call, 24-May-2005
============================================================================ SSTC concall Tue 5/24/2005 9:07:20 AM ---------------------------------------------------------------------------- summary: * prior minutes accepted * tabled motions from 10-May accepted will have electronic ballots for.. sstc-saml-x509-authn-based-attribute-protocol-profile-2%200-draft-07.pdf draft-saml-xpath-attribute-profile-03.pdf * questions, comments, concerns, applications for SAML 1.1 Testing Referral Program should be sent directly to AndyM. * Marketing-type folks are interested in forming some sort of SSTC sub-group. Folks are supportive. Take discussion of ins-and-outs to the list. * current version of Technical Overview needs review & feedback ! * Jahan will endeavor to rev the Errata doc in next day or so. Review & comment needed. Attendance at end. --- Details: prateek mishra wrote: > > > Dial in info: +1 865 673 6950 #351-8396 > > > 1. Accept minutes from May 10 conference call > http://lists.oasis-open.org/archives/security-services/200505/msg00038.html accepted by unanimous consent. > 2. Re-visit tabled motion from May 10 > > (a) Proposal to create an electronic ballot for CD status for: > > sstc-saml-x509-authn-based-attribute-protocol-profile-2.0-draft-07 > > available at > > http://www.oasis-open.org/apps/org/workgroup/security/download.php/12818/sstc-saml-x509-authn-based-attribute-protocol-profile-2%200-draft-07.pdf prateek mishra (PM): solicits that we vote JeffH moves that we have elec ballot for doc in item (a). Conor 2nd. motion carries by unanimous consent. > (b) Proposal to create an electronic ballot for CD status for: > > draft-saml-xpath-attribute-profile-03.pdf > > available at > > http://www.oasis-open.org/apps/org/workgroup/security/download.php/12811/draft-saml-xpath-attribute-profile-03.pdf RickR moves that we have ballot for (b). JeffH 2nds. no objections to unanimous consent. PM: So should have 2 elec ballots by end of day. will have week to vote. > 3. INFORMATIONAL > *SAML 1.1 Testing Referral Program Proposal Update* > http://lists.oasis-open.org/archives/security-services/200505/msg00027.html AndyM(AM): going to change the policy such that (see msg)... NickR: what's the definition of "company" in this? Is it a 50% controlling interest or what? AM: good question, don't want to get on this call Eve (em): have we/you looked at W3C -- they have some guidelines/rules wrt subsidaries that perhaps OASIS can leverage...? [various folks chime in] FredrickH(FH): OASIS membership agreement addresses subsideraries... AM: the test referral guidelines are being updated as we speak, so we can fold in this info NR: [asking for further clarification] AM: doesn't really want discuss these details on this call.... JH: where should comments on referral guidelines be sent? AM: send them directly to me. Also, companies that wish to offer testing via referral should contact AM directly. > 4. INFORMATIONAL > > Proposal from Meritt Maxim, CA, (Merritt.maxim@ca.com) > <mailto:Merritt.maxim@ca.com)for> <mailto:Merritt.maxim@ca.com)for> > for <mailto:Merritt.maxim@ca.com)for> formation of a sub-group to help > enhance SAML adoption > > The purpose of the SAML Adoption sub-group is to promote > the adoption of the SAML standard within large organizations > that will help these organizations reduce operating costs > and complexity. The sub-group will achieve this by > recommending and executing on a marketing plan. Initially > the > sub-group will promote the work of the SAML > Specification release(s) and will align with ongoing SAML > technical efforts post release of the SAML Specification(s). > > The scope of the sub-group is to recruit new members > to join the OASIS SAML group, and create and coordinate member > communications and outbound communications. It > will supervise press and analyst relations such as briefings, > releases, and announcements to promote the adoption of > SAML for identity federation. It shall manage communications > to OASIS SAML members and end-users and recruit new members through > the OASIS SAML website, collateral, newsletters, and webinars. > To promote SAML positioning and the value proposition, the > sub-group shall update existing white papers, FAQs, overview > documents and user scenarios as well as create new materials > as needed. The sub-group will also establish relationships > with other organizations concerned > with federated identity to > ensure inclusion of SAML when appropriate. The sub-group will also > assist in coordinating the promotional efforts of member companies > relating to SAML. Merritt not on the call. EM: great idea, want to contribute, but don't think want to re-create formal subgroups, our early experiment with that resulted in some balkanization. We should discuss such stuff on the main list. Believes the "auxillary" docs we have are quite useful, and she's working on a SAMLv2 slide deck AM: private comments from folks, who're marketing oriented, don't want to be deluged by tech list EM: hm, might soften stance RLBobM (BM): but there'll be tech content and will need tech review, will be hard for a TC-sponsored activity to be entirely objective on its own, witness the testing referral program issues, so thinks that having a sort of "saml industry association" that's sep from SSTC and sep from OASIS might be an outcome. but in meantime, attaching it to the TC should be a way to gather info for it... EM: so what happened with that Federated ID User Group that Boeing or GM started.... BM: it was GM, and for various reasons it didn't go anywhere.. MikeBeach(MB): it [floundered] for lack of resources, these things take resources.. JH: summarized what RLBob was saying... NR: try it as an informal activity as a part of the group... SA: but if they need to be on SSTC list then they'll get deluged... [discussion wrt sep email list, sep sub-group] EM: so on the stuff they come up with, the TC as a whole has to sign off on it and am happy to keep maintaining the SSTC web page and can place such outputs on the page... PM: will have more time next week and on the list to discuss this item, moving forward.... > 5. Technical overview status: (sstc-saml-tech-overview-2[1].0-draft-05.pdf) > > Most recent draft at: > http://www.oasis-open.org/apps/org/workgroup/security/download.php/12549/sstc-saml-tech-overview-2%5B1%5D.0-draft-05.pdf JohnHughes(JoH): have work to do on this, needs review and feedback to ensure have things correct. > 6. Errata Status (sstc-saml-errata-2.0-draft-06) > > Most recent draft at > http://www.oasis-open.org/apps/org/workgroup/security/download.php/12388/sstc-saml-errata-2.0-draft-06.pdf > > Relevant threads: > > (a) *Comments on metadata 2.0 extension spec* > http://lists.oasis-open.org/archives/security-services/200505/msg00021.html > > (b) *Another attempt at AllowCreate cleanup* > http://lists.oasis-open.org/archives/security-services/200505/msg00014.html Jahan Moreh(JM): will endeavor to capture comments today pm: there's suggestions in the (b) thread jm: will endeavor to capture pm: there's also some items in thread on (a)? jm: [ok] scott cantor(sc): what's the status of finishing this item up [getting the contributor list, frontmatter, backmatter] [discussion...] pm: summarizing, 2 docs (1.x metadata profile & attribute extension) 1 schema... sc: 2 schemas pm: will send a note to the list today soliciting folks to respond on whether they are contributor or not. [so EM can finish up overall editing] pm: Jahan will you pick up 6a & 6b items and issue new draft? jm: 6a has items? pm: 6b has items, 6a is just editorial [nits] > 7. Open Action Items > > *#0221*: Request copy of Thomas Grosz paper for inclusion in SSTC archives > *Owner*: Maryann Hondo > *Status*: Open > *Assigned*: 2005-04-12 > *Due*: --- remains open. > *#0217*: Explore with OASIS how best to do publication of redlined specs > based on errata. > *Owner*: Eve Maler > *Status*: Open > *Assigned*: 2005-03-30 > *Due*: --- remains open. will re-ping requisite person. > *#0216*: Formulate some suggested redline text for E7 for review. > *Owner*: Jahan Moreh > *Status*: Open > *Assigned*: 2005-03-30 > *Due*: --- remains open. > *#0213*: Prepare final CD draft of metadata-1x document and submit it to > OASIS > *Owner*: Eve Maler > *Status*: Open > *Assigned*: 2005-03-29 > > *Due*: --- > COMMENT: also includes meta-data extension draft > remains open. > *#0210*: Links to new IPR policy to be sent to SSTC > *Owner*: Rob Philpott > *Status*: Open > *Assigned*: 2005-03-15 > *Due*: --- remains open. > *#0208*: Run additional tests to check issues with deflate encoding and > rfc1951 (java libraries) > *Owner*: Scott Cantor > *Status*: Open > *Assigned*: 2005-03-01 > *Due*: --- SC: this one is becoming proverbial barn door already closed. please close this one, will try to find someone who's done a non-Java impl to do a test with and report results. ari kermier(ak): what's this one about? sc: the rfc doesn't have test [vectors], so need to find someone who's not done a java impl to try to test will. greg whitehead(gw): thinks believes that someone at RSA SAMLv2 interop had non-java impl....we were all iop'g and we were all doing it wrong sc: want to get a test suite to see if we can double check output between impl types -- the javadoc's info is incorrect/misleading -- hence desire to specifically test against impl that's not java. > *#0180*: Need to update SAML server trust document > *Owner*: Jeff Hodges > *Status*: Open > *Assigned*: 2004-07-12 > *Due*: --- remains open. --- Attendance: Attendance of Voting Members Conor P. Cahill AOL, Inc. Steve Anderson BMC Rick Randall Booz Allen Hamilton Thomas Wisniewski Entrust Carolina Canales-Valenzuela Ericsson Dana Kaufman Forum Systems Irving Reid Hewlett-Packard Company Guy Denton IBM Heather Hinton IBM Maryann Hondo IBM John Hughes Individual Nick Ragouzis Individual Scott Cantor Internet2 Bob Morgan Internet2 Jeff Hodges NeuStar Frederick Hirsch Nokia Senthil Sengodan Nokia Cameron Morris Novell Ari Kermaier Oracle Alberto Squassabia Ping Identity Prateek Mishra Principal Identity Jim Lien RSA Security Jahan Moreh Sigaba Eve Maler Sun Microsystems Ron Monzillo Sun Microsystems Mike Beach The Boeing Company Greg Whitehead Trustgenix Attendance of Prospective Members Brian Campbell Ping Identity David Staggs Veteran's Health Admin Attendance of Observers Andy Moir OASIS Membership Status Changes Brian Campbell Ping Identity - Granted Voting Member status after 5/24/2005 call John Harby Individual - Lost prospective status after 5/24/2005 call Rebekah Metz Booz Allen Hamilton - Lost Voting status after 5/24/2005 call Abbie Barbir Nortel - Lost Voting status after 5/24/2005 call ============================================================================
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]