Draft minutes for 28-Feb-2006 SSTC con-call

["prasanta behera" <pkb.prasanta@gmail.com>]

Let me know if I captured incorrectly.
Thanks,
/Prasanta
------------------


>1. Roll Call

To be  published later.


>2. Approve minutes from 14-Feb con-call
>http://lists.oasis-open.org/archives/security-services/200602/msg00042.html

Approved.


>3. Election of Co-Chair

>a. Call for nominations (included in last call agenda and minutes)

>Item 4 (c) of
>http://lists.oasis-open.org/archives/security-services/200602/msg00031.html

>b. Election (or electronic ballot)


Two nominations received. Hal Lockhart (Bea) and Abbie Barbir (Nortal)
No other nominations have been received. Nominations are CLOSED.
Mary from OASIS elaborated the rules for election. Majority voting members have to vote.  
Prateek to send an email to the TC about the process. It should lists all voting member names and where to send the vote.


>4.Editorial issue re: public review of CDs (need .sxw, .html versions)

> a. Committee Draft of SAML Attribute Sharing Profile for X.509
>Authentication-Based Systems
>http://www.oasis-open.org/committees/download.php/14006/sstc-saml-x509-authn-attrib-profile-cd-01.pdf

>b. Committee Draft of SAML XPath Attribute Profile (HTML version also
>available; accompanying schema)
vhttp://www.oasis-open.org/committees/download.php/16112/sstc-saml-xpath-attribute-profile-cd-01.pdf

>Schema:
>http://www.oasis-open.org/committees/download.php/14194/draft-saml-schema-xpath-attribute-profile-1.xsd


><http://www.oasis-open.org/committees/download.php/13846/sstc-saml-metadata-ext.xsd>c.
>Committee Draft of SAML V1.x Metadata Profile
>http://www.oasis-open.org/committees/download.php/13254/sstc-saml1x-metadata-cd-01.pdf

>Schema:
>http://www.oasis-open.org/committees/download.php/13255/sstc-saml1x-metadata.xsd


Prateek to send the updated docs to Mary.


>5. New Drafts

>a.draft-sstc-saml-metadata-ext-query-01.pdf
>http://www.oasis-open.org/apps/org/workgroup/security/download.php/16910/draft-sstc-saml-metadata-ext-query-01.pdf
>schema:
>http://www.oasis-open.org/apps/org/workgroup/security/download.php/16911/sstc-saml-metadata-ext-query.xsd

>b.  draft-sstc-saml-protocol-ext-thirdparty-01.pdf
>http://www.oasis-open.org/apps/org/workgroup/security/download.php/16913/draft-sstc-saml-protocol-ext-thirdparty-01.pdf

Scott explained his rational/position on the above 2 docs.
Prateek: Call for a CD vote in couple of weeks.


>6. New Threads

>a. Informational - *Extending the Security Assertion Markup Language to
>Support Delegation for Web Services and Grid Services
>http://www.cs.virginia.edu/~humphrey/papers/SAML_delegation.pdf

Informational. No action required.

>*b. *Authz Decision Response (multiple Actions requested, different
>decisions) <msg00044.html>*
>http://www.oasis-open.org/archives/security-services/200602/msg00044.html


No action on our part. The TC could decide to clarify.


>c. *AuthnQuery filters <msg00045.html>*
>http://www.oasis-open.org/archives/security-services/200602/msg00045.html

Clarification of use of SessionIndex and AuthContext. Is it a AND condition or OR?
There seems to be consistent view that it is an AND condition and son o need to propose an errata note.

>e. *RequestedAuthnContext exact comparison <msg00052.html>*
>http://www.oasis-open.org/archives/security-services/200602/msg00052.html

No need for any change.

>f.  *Discussion of SAML shared credential
>(draft-saml-shared-credential-discussion-01.doc) <msg00059.html>*
http://www.oasis-open.org/archives/security-services/200602/msg00059.html

Paul to investigate further based on Scott's comments. Paul to summarizes possible solutions  … for TC feedback.


>g. New submission from Govt. of NZ on SAML conformance.
>http://www.oasis-open.org/apps/org/workgroup/security/download.php/16936/556735_1.pdf

Further discussion is needed. We may need to someone to champion in W3C.


>7. Errata Review
>http://www.oasis-open.org/apps/org/workgroup/security/download.php/16935/sstc-saml-errata-2.0-draft-24.pdf

PE37: Clarification of Metadata
Scott: Move to close w/o any resolution.
Nick: Seconded

CLOSED.

PE40: Holder of Key.
CLOSED

PE43: Key location
OPEN

PE44:  Constrained delegation. 
OPEN

PE45: AuthnContext Comparision Clarifications. 
OPEN

>a.  AuthnContext comparison clarifications
>http://www.oasis-open.org/archives/security-services/200602/msg00050.html


>b. *ECP PE Text <msg00051.html>
>http://www.oasis-open.org/archives/security-services/200602/msg00051.html


>8.  Open AIs

>*
>*0255*: new PE for AuthnContext comparison clarifications*
>*Owner*: Jahan Moreh
>*Status*: Open
>*Assigned*: 2006-02-27
>*Due*: ---

CLOSED.
------------------------------------------------------------------------
>*#0254*: new PE35 proposal
>*Owner*: Brian Campbell
*Status*: Open
>*Assigned*: 2006-02-27
>*Due*: ---

CLOSED.

------------------------------------------------------------------------
>*#0253*: new drafts of the metadata extension document and the protocol
>extension document
>*Owner*: Scott Cantor
>*Status*: Open
>*Assigned*: 2006-02-27
>*Due*: ---

CLOSED.
------------------------------------------------------------------------
>*#0252*: add a link for the SAML V2.0 profile of XACML V2.0
>*Owner*: Eve Maler
>*Status*: Open
>*Assigned*: 2006-02-27
>*Due*: ---

DONE. Links on Website.
CLOSED.
------------------------------------------------------------------------
>*#0250*: PE 43
>*Owner*: Heather Hinton
>*Status*: Open
>*Assigned*: 2006-02-13
>*Due*: ---

Still OPEN.
------------------------------------------------------------------------
>*#0248*: Provide draft of IBM's SAML 2.0 research report
>*Owner*: Anthony Nadalin
>*Status*: Open
>*Assigned*: 2006-02-13
>*Due*: ---

Anthony to send the paper will be sent to mailing list.

------------------------------------------------------------------------
>*#0245*: Per 17-Jan con-call: Greg W. to propose some clarifying text
>for the attribute profile section re: the issues discussed on the call.
>*Owner*: Greg Whitehead
>*Status*: Open
>*Assigned*: 2006-01-30
>*Due*: ---

OPEN.
------------------------------------------------------------------------
>*#0242*: Recommended text for SAML Attr Sharing Profile
>*Owner*: Rob Philpott
>*Status*: Open
>*Assigned*: 2006-01-17
>*Due*: ---

Msg. 20 from Nov.
Scott: republish the message and vote in the next call.
OPEN.
------------------------------------------------------------------------
>*#0240*: Status of SAML 2.0 submission to ITU T
>*Owner*: Olivier Dubuisson
>*Status*: Open
>*Assigned*: 2005-11-07
>*Due*: ---

Abbie: In progress.  Need response from Liberty.
How to deal with errata?  OASIS is not clear how to deal with errata.
One approach is to append the errata as an appendix.

AI: Abbie to find out if errata can be added as an appendix. 
Jahan: We need to stabilize the errata. A redline version will be useful.

OPEN.
------------------------------------------------------------------------
>*#0238*: Plan for red-line versions of SAML 2.0
>*Owner*: Eve Maler
>*Status*: Open
>*Assigned*: 2005-11-07
>*Due*: ---

Prateek: Need to find some resource to do it.
------------------------------------------------------------------------
>*#0234*: Nick to prepare some text for PE 23.
>*Owner*: Nick Ragouzis*
>*Status*: Open
>*Assigned*: 2005-10-10
>*Due*: ---

CLOSED.
------------------------------------------------------------------------
>*#0230*: SAML Conformance SSL/TLS requirements
>*Owner*: Eric Tiffany
>*Status*: Open
>*Assigned*: 2005-09-12
>*Due*: ---

This overlaps with the NZ proposal. Leave it OPEN.


Prateek: Motion to adjourn.
(ALL): Moved.