OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Minutes of 19-July SSTC con-call


SSTC Con Call 19-July
----------------------


> Dial in info: +1 865 673 6950; Access code: 270-9441#
> 1.       Attendance/call to order.
> 
> 2.       Approve minutes from 5-Jul con-call:
> 
> a.       Minutes: SSTC Conference Call, July 5 (with attendance) 
> <http://lists.oasis-open.org/archives/security-services/200507/msg00024.html>

	Minutes accepted with no objections

> 3.       Jahan: Updated Errata document
> 
> a.       [security-services] Groups - sstc-saml-errata-2.0-draft-11.pdf 
> uploaded 
> <http://lists.oasis-open.org/archives/security-services/200507/msg00034.html>

	PE7:
	 	- Still open ... Awaiting text from Rob P
	PE10:
		- Still open ... Awaiting text from Jahan M
	PE18:
		- Proposal to strike line that states ECP may refer to
		  a service.
		- Motion to accept proposal made by Jahan M and
		  seconded to Rob P & Hal L.
		- Motion passed with no objections.
	PE19:
		- Members should review the proposed text
		- Vote on next call
	PE20:
		- Motion to accept proposed text made by Scott C and
		  seconded by Greg W
		- Motion passed with no objections
	
	Jahan to add Nick's (#226, #227, #228) and Rob's comments
	to the errata list

> 4.       List discussions:
> 
> a.       Conor: SAML error processing text:4 (see Errata PE19)
> 
>                                                    i.      SAML Error 
> processing (was rejecting SAML requests) 
> <http://lists.oasis-open.org/archives/security-services/200507/msg00008.html>
> 
	Deferred to next call as Conor was not on.

> **b.       ****Conor, et al: List discussion re:******
> 
> **                                                   i.      **Using 
> SAML Artifacts in the WSS SAML Token Profile 
> <http://lists.oasis-open.org/archives/security-services/200507/msg00011.html>****
>
	Deferred until Conor provides his use-case

	.. Need to hear Conor's use-case to better understand why
	standard reference mechanisms are not sufficient
	.. Artifact is typically used only with the HTTP binding.
	Looking to hear if there is a SOAP context
	.. No construct in SAML 2.0 for artifacts.


> c.       Brian Campbell: Problem in SSO Profile re: confirmation
> 
>                                                    i.      RE: 
> [security-services] SSO Profile confusion 
> <http://lists.oasis-open.org/archives/security-services/200507/msg00027.html>
> 

	- Brian C yet to review Scott's comments.

> d.       Tom W re: PAOS
> 
> **                                                   i.      **PAOS 
> Question 
> <http://lists.oasis-open.org/archives/security-services/200507/msg00025.html>****
> 
>                                                  ii.      New Errata 
> Item - Regarding PAOS version 
> <http://lists.oasis-open.org/archives/security-services/200507/msg00028.html>

	- Motion to strike the words "at a minimum" from Line 474 of the
	  binding spec made by Scott C and seconded by Hal L
	- Motion passed with no objections

> 
> e.       Prateek: Moving the SAML 1.1 metadata doc to Committee Spec status
> 
>                                                    i.      From commitee 
> draft to committee specification 
> <http://lists.oasis-open.org/archives/security-services/200507/msg00030.html>

	- OASIS Public Review period is now 60 days
	- Bundle of docs to be part of the public review package
		SAML 1.1 Metadata
		SAML 2.0 Metadata Extensions
		X.509 Authn attribute protocol (if approved)
		XPath Attribute Profile (if approved)
		Tech Overview (Non normative)
		Exec Overview (Non normative)

	- Chairs will work on the package for Public Review.
	- Looking at a mid August date for starting PR
	
> 
> f.         Tom W: ECP errata text proposal (See Errata PE20)
> 
> **                                                   i.      **Proposed 
> Errata text for clarifying ECP md binding that should be used. 
> <http://lists.oasis-open.org/archives/security-services/200507/msg00033.html>****

	- Closed ... same as PE20

> 5.       Cameron: Updated draft of xpath attribute profile:
> 
> **a.       **Groups - draft-saml-xpath-attribute-profile-04.pdf 
> (draft-saml-xpath-attribute-profile-04.pdf) uploaded 
> <http://lists.oasis-open.org/archives/security-services/200507/msg00010.html>****

	- Changes made to qualifying prefixes inside Xpath
	- Reconciled objections raised by Conor
  	
	- Still open awaiting feedback from members.
	- Next step is to move the document to Committee Draft status.


> 6.       Eve: New draft of Executive Overview:
> 
> a.       Groups - Executive Overview CD in 2-column form (.pdf) 
> (sstc-saml-exec-overview-2.0-cd-01-2col.pdf) uploaded 
> <http://lists.oasis-open.org/archives/security-services/200507/msg00020.html>
> 
	- Cleaned up formatting
	- No substantive changes

	- Will post the latest draft to the list for review later today

> 7.       Prateek: Posted CD draft of response to Thomas Gross paper
> 
> a.       Groups - SSTC Response to Thomas Gross pdf (CD) 
> (sstc-gross-sec-analysis-response-cd-01.pdf) uploaded 
> <http://lists.oasis-open.org/archives/security-services/200507/msg00029.html>

	- Rob P sent comments about the contributor list, which
	prateek will incorporate
	- Plan is to leave this document as a Committee draft.

> 
> 8.       Merritt Maxim: SAML Adoption Subcommittee Status (deferred from 
> last call):
>
> a.       Proposal for SAML Adoption Subcommitee 
> <http://lists.oasis-open.org/archives/security-services/200506/msg00117.html>
>
	- Deferred to next call as Merritt was not on.

> 9.       Open AI’s: - see below.
> 
> 10.   Any other business?
> 
> 11.   Adjourn
> 
> -------------------------------------------------------------------
> *#0228*: Adding Metadata to SAMLConf?
> *Owner*: Nick Ragouzis
   Status: Closed. Nick has posted proposed text to the mailing list.
> ------------------------------------------------------------------------
> *#0227*: Potential Errata, HTTPS in URI Binding
> *Owner*: Nick Ragouzis
   Status: Closed. Nick has posted proposed text to the mailing list.
> ------------------------------------------------------------------------
> *#0226*: PE2 and ArtifactResolutionService
> *Owner*: Nick Ragouzis
   Status: Closed. Nick has posted proposed text to the mailing list.
> ------------------------------------------------------------------------
> *#0225*: Third-party AuthnRequest use case
> *Owner*: Scott Cantor
   Status: Open. SC will work with GW to close this issue
> ------------------------------------------------------------------------
> *#0224*: Re-work X.509 Authn attribute protocol profile to address SSTC 
> comments.
> *Owner*: Rick Randall
   Status: Open. Rob P will send addition comments to Rick
> ------------------------------------------------------------------------
> *#0223*: Proposal for subcommittee to address enhancing SAML Adoption.
> *Owner*:
   Status: Open
> ------------------------------------------------------------------------
> *#0216*: Formulate some suggested redline text for E7 for review.
> *Owner*: Jahan Moreh
   Status: Open
> ------------------------------------------------------------------------
> *#0213*: Prepare final CD draft of metadata-1x document and submit it to 
> OASIS
> *Owner*: Eve Maler
   Status: Closed.
> ------------------------------------------------------------------------
> *#0210*: Links to new IPR policy to be sent to SSTC
> *Owner*: Rob Philpott
   Status: Open
> ------------------------------------------------------------------------
> *#0180*: Need to update SAML server trust document
> *Owner*: Jeff Hodges
   Status: Open



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]