OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Agenda for 31-Jan SSTC con-call


Dial in info: +1 865 673 6950; Access code: 270-9441#

 

FYI - Spam on public comment distribution list has been reported to OASIS and they are working on it.

 

  1. Roll call
  2. Approve minutes from 17-Jan SSTC con-call
  3. Heads up: New IBM research report on security of SAML 2.0
    • Main focus is on use of artifact binding with web SSO
    • IBM has requested a meeting with SSTC to discuss findings and proposals
    • Chairs will set up meeting and have asked IBM to provide paper to TC
  4. Constrained Delegation (saml-dev discussion thread continued on main list):
  5. Potential Errata in Conformance for SAML Authority & Requester
  6. AshishP: Shared credential draft document
  7. saml-dev discussion re: “strongly matches”
  8. AI Review (attached)
  9. Any Other Business?
  10. Adjourn

 

---------------

 

#0247: As per 17-Jan call: Prateek has received some feedback on the constrained delegation profile and will produce a revision next week.

Owner: Prateek Mishra

<New AI>

---------------

 

#0243: Clean up text in Section 3.3.2.2.1 (RequestedAuthNContext)

Owner: Scott Cantor  

<New AI>

---------------

 

#0246: revise the PE 10 wording proposal "clarifying that anyURI is indeed the right interpretation" for the Reason attribute.

Owner: Jahan Moreh

<New AI>

---------------

 

#0180: Need to update SAML server trust document

Owner:

30-Aug: Jeff will not have time anytime soon to update the draft that was posted. It was suggested that the info in the doc is useful, so the AI is being left open in the hope that someone will volunteer in the near future to take over as editor.

---------------

 

#0234: Nick to prepare some text for PE 23.

Owner: Nick Ragouzis

---------------

 

#0245: Per 17-Jan con-call: Greg W. to propose some clarifying text for the attribute profile section re: the issues discussed on the call.

Owner: Greg Whitehead

<New AI>

---------------

 

#0244: Per 17-Jan con-call: Tom W. to send out a suggestion for shoring up the conformance language to clear up the requester/responder mismatch.

Owner: Thomas Wisniewski

<New AI>

---------------

 

#0238: Plan for red-line versions of SAML 2.0

Owner: Eve Maler

Per 8-Nov con-call: Eve-supposed to research on whether this was OK, she thinks OASIS said yes. CYA notification as to non-normative vs normative. Just haven't found the time. Keep my name on AI with speed caveat. Scott- I will help (if necessary)

 

#0242: Recommended text for SAML Attr Sharing Profile

Owner: Rob Philpott

---------------

 

#0230: SAML Conformance SSL/TLS requirements

Owner: Eric Tiffany

Eric is concerned because implementation will be able to run over TLS, but spec actually says you must implement TLS.

---------------

 

#0240: Status of SAML 2.0 submission to ITU T

Owner: Olivier Dubuisson

Per 17-Jan-06 con-call:
Abbie has asked Eve for help filling out a form having to do with Liberty's PAOS spec, on which SAML depends. She will probably delegate this.

Per 18-Jan email: Reassigned to Olivier Dubuisson
Olivier (and Abbie) - working the issue w/ITU-T. Olivier will just need help from Eve in working the Liberty mgmt board.

---------------

 



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]