OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [security-services] Minutes for November 8th/2005 SSTC Call


Bhavna joined late.  Her attendance resulted in regaining voting status.
--
Steve Anderson
BMC Software

-----Original Message-----
From: Paul Madsen [mailto:paulmadsen@rogers.com] 
Sent: Tuesday, November 08, 2005 1:08 PM
To: security-services@lists.oasis-open.org
Subject: [security-services] Minutes for November 8th/2005 SSTC Call

Minutes for November 8th/2005 SSTC Call

1. Attendance
Paul Madsen to take minutes

Attendance of Voting Members

  Steve Anderson BMC Software
  Abbie Barbir Nortel
  Mike Beach The Boeing Company
  Brian Campbell Ping Identity
  Carolina Canales-Valenzuela Ericsson
  Scott Cantor Internet2
  Heather Hinton IBM
  Frederick Hirsch Nokia
  Jeff Hodges NeuStar
  Dana Kaufman Forum Systems
  Ari Kermaier Oracle
  Paul Madsen NTT Corporation
  Eve Maler Sun Microsystems
  Prateek Mishra Principal Identity
  Cameron Morris Novell
  Vamsi Motukuru Oracle
  Anthony Nadalin IBM
  Rob Philpott RSA Security
  Irving Reid Hewlett-Packard Company

Attendance of Non-Voting Members

  Prasanta Behera Individual
  Bhavna Bhatnagar Sun Microsystems
  John Hughes Individual

Membership Status Changes

  Ashish Patel France Telecom - Requested LOA 11/1 - 11/27
  Prasanta Behera Individual - Granted TC Membership 11/3/2005
  Merritt Maxim CA - Lost voting status after 11/8/2005 call
  Rick Randall Booz Allen Hamilton - Lost voting status after 11/8/2005
call
  David Staggs Veteran's Health Admin - Lost voting status after 
11/8/2005 call
  Bhavna Bhatnagar Sun Microsystems - Gained voting status after
11/8/2005 call

- Quorum reached

2. Approve minutes of Oct 25 conference call
   
http://lists.oasis-open.org/archives/security-services/200510/msg00019.h
tml

- No objections, minutes approved

3. Errata review  sstc-saml-errata-2.0-draft-19.pdf
   
http://www.oasis-open.org/apps/org/workgroup/security/download.php/15235
/sstc-saml-errata-2.0-draft-19.pdf

   From Jahan,
   The only difference between this and last version is that we closed 
PE 36. PE 10, PE 23 and PE 32 remain open.

Prateek- Jahan (not on call) published v19 of Errata
Prateek- PE 10 still open
Scott- thought that was closed
Rob- we took Option 2
Scott- didn't we vote on that
Prateek- **AI**  action on Jahan to propose text re Option 2

- PE 23 still open
Prateek- this is open, against Nick who is not on call
Can't progress this

- PE 32 still open
Prateek- Rob, this for you
Rob- haven't got to it

Prateek- no other items to look at
Rob- Wait, Jahan had mentioned that there were additional list
discussions
Prateek- my interpretation is that Jahan had reviewed and thought closed
Rob- not sure, e.g. Msg 25 & 26 'Another Possible Errata in Metadata' 
October
Rob- Not sure that its correct to think its closed
Scott- **AI**  takes an action to propose clarifying text for line 272

Msg 4 in November 'Session Index on Logout'
Scott- not quite so clear
Prateek- ongoing?
Scott- two issues Conor was raising
1) whether or not SessionIndex needed to be clearer defined in Core 
rather than profiles
2) Conor asked what to do if you don't get a SessionIndex from the IDP 
but the profile says the IDP has to send one
Rob- you sure?
Scott- think so, maybe I'm backwards
Scott- line 551 of profile
Scott- any athnstatements must have a SessionIndex
Scott- can't remember specific reasoning
Rob- sorry, I was referring to SLO
Scott- SLO profile says if you got a SessionIndex then you must include 
it when you logout AND SSO profile says you are always going to get one
Rob- in IDP initiated logout, SessionIndex is optional
Scott- agree

Scott- **AI** takes an action to clarify with informational text

Rob, text is already correct

4.  AI Review

*0241*: Response to Gartner March 05 note
*Owner*: Merritt Maxim
*Status*: Open
*Assigned*: 2005-11-07
*Due*: ---

Prateek- on last call there was discussion that the Adoption 
SubCommittee could look into this

------------------------------------------------------------------------
*#0240*: Status of SAML 2.0 submission to ITU T
*Owner*: Abbie Barbir
*Status*: Open
*Assigned*: 2005-11-07
*Due*: ---

Abbie- in progress, I'm still editing, First have to sychronize with 
OASIS. Have to clear up process between OASIS and ITU. Call for TC 
volunteers to review submission.
Eve- I'll do it
Abbie- structure will change, files become subsections etc, significant 
editing burden
Prateek- maybe we can split this up, I can help
Abbie- I need proofreading, I use Word
Abbie- it's a nightmare, but worth it. SAML is important input.
Prateek- agree
Abbie- expect early December.
Jeff- When ready, Abbie should check files in & announce so we can all 
review
Prateek- stays open

------------------------------------------------------------------------
*#0239*: High-level approach to third-party AuthNRequest
*Owner*: Scott Cantor
*Status*: Closed
*Assigned*: 2005-11-07
*Due*: ---

Prateek- minutes from last call indicated discussion about WSA?
Scott- WSA was rejected
Scott- Action Item closed, draft submitted by Scott Msg 5 from Nov - 
Document ID 15207
Scott- SAML protocol extension draft that simply has this extension as 
the first of potentially many future extensions
Scott- believe what is there is sufficient. Added text around the 
extension only being relevant for protocols that support unsolicited 
response

------------------------------------------------------------------------
*#0238*: Plan for red-line versions of SAML 2.0
*Owner*: Eve Maler
*Status*: Open
*Assigned*: 2005-11-07
*Due*: ---

Eve- supposed to research on whether this was OK, she thinks OASIS said
yes
Eve- CYA notification as to non-normative vs normative
Eve- just haven't found the time
Prateek- we know this is possible, can we close?
Rob- lets keep it open until we allocate work
Eve- sure, keep my name on it with speed caveat
Scott- I will help (if necessary)
Eve-also working on companion paper to SAML Basic slides, forced into 
this because of a presentation. Going to revise the SAML Basics slides 
and publish the companion paper as well. Welcome comments

------------------------------------------------------------------------
*#0237*: Interop Test question: Metadata 2.0 EndpointType question
*Owner*: Eric Tiffany
*Status*: Open
*Assigned*: 2005-10-24
*Due*: ---

Stays open
------------------------------------------------------------------------
*#0235*: Various Editorial Changes
*Owner*: Eve Maler
*Status*: Open
*Assigned*: 2005-10-10
*Due*: ---

Prateek- believe this is the set of profiles we are trying to package 
together
Rob- Eve reported last week that still progressing

------------------------------------------------------------------------
*#0234*: Nick to prepare some text for PE 23.
*Owner*: Nick Ragouzis*
*Status*: Open
*Assigned*: 2005-10-10
*Due*: ---

Stays open

------------------------------------------------------------------------
*#0230*: SAML Conformance SSL/TLS requirements
*Owner*: Eric Tiffany
*Status*: Open
*Assigned*: 2005-09-12
*Due*: ---

Stays open

------------------------------------------------------------------------
*#0224*: Re-work X.509 Authn attribute protocol profile to address SSTC 
comments.
*Owner*: Rob Philpott
*Status*: Open
*Assigned*: 2005-06-20
*Due*: ---

Rob- I pinged Rick Randall, he did not reply. If he doesn't respond we 
can close this
Prateek- seems there was interest on our side that we would take this to
CS
Rob- current document is just CD, customer didn;t need more. COnor had 
issues, Rob had text to address but without a decision to move the spec 
forward to CS and do public review there was insufficient impetus to rev

the doc
Prateek- I'm happy to help, do we just need to update
Rob- need to make sure that my proposed text addresses Conor's concern
TomW- I can help too
Rob- we can move ahead without Rick's customer
Prateek- we leave open

------------------------------------------------------------------------
*#0216*: Formulate some suggested redline text for PE10 for review.
*Owner*: Jahan Moreh
*Status*: Open
*Assigned*: 2005-03-30
*Due*: ---

Stays open

------------------------------------------------------------------------
*#0180*: Need to update SAML server trust document
*Owner*:
*Status*: Open
*Assigned*: 2004-07-12
*Due*: ---

Stays open


Prateek- thats it
Eve- Move to adjourn

-- 
Paul Madsen                        e:paulmadsen@ntt-at.com
NTT                                p:613-482-0432
Co-Chair, Technology Expert Group  m:613-302-1428
Liberty Alliance Project           aim:PaulMdsn5




---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail.  You may a link to this group and all your TCs in
OASIS
at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php 





[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]