RE: [security-services] Agenda for 25-Oct SSTC con-call

["Jahan Moreh" <jmoreh@sigaba.com>]

I will try to publish Draft 18 later tonight....

 

Jahan

---

From: Philpott, Robert [mailto:rphilpott@rsasecurity.com]
Sent: Monday, October 24, 2005 3:27 PM
To: security-services@lists.oasis-open.org
Subject: [security-services] Agenda for 25-Oct SSTC con-call

Dial in info: +1 865 673 6950; Access code: 270-9441#

 

1. Roll call
2. Approve minutes of 11-Oct con-call:
   1. RE: [security-services] Minutes for SSTC Conference Call, October 11
3. Errata Review (Jahan):
   1. Current rev is draft 17 posted prior to 11-Oct meeting.
   2. Status of updates from 11-Oct meeting?

                                                               i.      AI’s: 231, 236

                                                             ii.      Clarification on Action element - Jahan to capture this as an errata item.

3. Should we produce red-line versions of spec’s soon?
3. Scott: Strawman proposal on third-party AuthnRequest
4. Scott: Some food for thought on delegation
5. Package for upcoming CD vote:
   1. Rob: Tech Overview status – Still working on updates.  Not ready for review.
   2. Eve: XPath CD draft?
6. Eve: FAQ update (see AI 235):
   1. Could use advise on changing the SAML FAQ
7. Abbie/Prateek: Submission to ITU-T
8. Miscellaneous:
   1. Comment list: Public Comment
   2. OASIS Press Inquiry: TC response to Gartner’s March’05 Report?

                                                               i.      An editor from Computer Weekly, a UK IT publication, is writing an article on new approaches to network security. He asks if we can provide an official TC response to Gartner's March report, which says "much more must be done before SAML can be considered anything more than just another security token format and yet another set of protocols... very few real-world production applications rely on it". He also asks if there's any synergy between SAML and the Jericho Forum's work.

                                                             ii.      Is this something the Adoption SC could addresss?

10. AI Review: See attached list
11. Other business?
12. Adjourn

 

#0237: Interop Test question: Metadata 2.0 EndpointType question Owner: Eric Tiffany

11-Oct: Option "A" in the list email is the preferred interpretation. Eric to propose text

 

#0235: Various Editorial Changes Owner: Eve Maler

11-Oct: Still not quite done. Eve is breaking FAQ into a Questions and Answers format. Expects to post revised XPath draft soon so it can be linked from the web page.

 

#0234: Nick to prepare some text for PE 23. Owner: Nick Ragouzis*

 

#0230: SAML Conformance SSL/TLS requirements Owner: Eric Tiffany

Eric is concerned because implementation will be able to run over TLS, but spec actually says you must implement TLS.

 

#0224: Re-work X.509 Authn attribute protocol profile to address SSTC comments. Owner: Rob Philpott

27-Sep: Sent mail to Rick Randall asking for final decision.

 

#0216: Formulate some suggested redline text for PE10 for review. Owner: Jahan Moreh

30-Aug: Changed AI description: item to be updates is PE10, NOT "E7".

 

#0180: Need to update SAML server trust document Owner: None

 

Rob Philpott
Senior Consulting Engineer
RSA Security Inc.
Tel: 781-515-7115
Mobile: 617-510-0893
Fax: 781-515-7020
Email: rphilpott@rsasecurity.com
I-name:  =Rob.Philpott