OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Draft minutes for 28-Feb-2006 SSTC con-call with attendance


>1. Roll Call

Attendance of Voting Members

  Steve Anderson BMC Software
  Prasanta Behera Individual
  Bhavna Bhatnagar Sun Microsystems
  Sharon Boeyen Entrust
  Brian Campbell Ping Identity
  Carolina Canales-Valenzuela Ericsson
  Scott Cantor Internet2
  Guy Denton IBM
  Heather Hinton IBM
  Frederick Hirsch Nokia
  Jeff Hodges NeuStar
  John Hughes Individual
  Dana Kaufman Forum Systems
  Ari Kermaier Oracle
  Hal Lockhart BEA Systems, Inc
  Paul Madsen NTT Corporation
  Eve Maler Sun Microsystems
  Prateek Mishra Oracle
  Jahan Moreh Sigaba
  Bob Morgan Internet2
  Anthony Nadalin IBM
  Rob Philpott RSA Security
  Nick Ragouzis Enosis Group
  Rick Randall Booz Allen Hamilton
  Irving Reid Hewlett-Packard Company
  David Staggs Veteran's Health Admin
  Eric Tiffany IEEE Industry Standards
  Greg Whitehead Hewlett-Packard Company
  Thomas Wisniewski Entrust

   
Attendance of Non-Voting Members

  Abbie Barbir Nortel
  Vamsi Motukuru Oracle


Attendance of Observers

  Mary McRae OASIS
 
Membership Status Changes

  Jim Lien RSA Security - Lost voting status after 2/28/2006 call
  Emily Xu Sun Microsystems - Lost voting status after 2/28/2006 call
  Vamsi Motukuru Oracle - Granted voting status after 2/28/2006 call



>2. Approve minutes from 14-Feb con-call
>http://lists.oasis-open.org/archives/security-services/200602/msg00042.html

Approved.


>3. Election of Co-Chair

>a. Call for nominations (included in last call agenda and minutes)

>Item 4 (c) of
>http://lists.oasis-open.org/archives/security-services/200602/msg00031.html

>b. Election (or electronic ballot)


Two nominations received. Hal Lockhart (Bea) and Abbie Barbir (Nortal)
No other nominations have been received. Nominations are CLOSED.
Mary from OASIS elaborated the rules for election. Majority voting members have to vote.  
Prateek to send an email to the TC about the process and lists all voting member names and where to send the vote.
Do NOT hit "REPLY ALL"


>4.Editorial issue re: public review of CDs (need .sxw, .html versions)

> a. Committee Draft of SAML Attribute Sharing Profile for X.509
>Authentication-Based Systems
>http://www.oasis-open.org/committees/download.php/14006/sstc-saml-x509-authn-attrib-profile-cd-01.pdf

>b. Committee Draft of SAML XPath Attribute Profile (HTML version also
>available; accompanying schema)
vhttp://www.oasis-open.org/committees/download.php/16112/sstc-saml-xpath-attribute-profile-cd-01.pdf

>Schema:
>http://www.oasis-open.org/committees/download.php/14194/draft-saml-schema-xpath-attribute-profile-1.xsd


><http://www.oasis-open.org/committees/download.php/13846/sstc-saml-metadata-ext.xsd>c.
>Committee Draft of SAML V1.x Metadata Profile
>http://www.oasis-open.org/committees/download.php/13254/sstc-saml1x-metadata-cd-01.pdf

>Schema:
>http://www.oasis-open.org/committees/download.php/13255/sstc-saml1x-metadata.xsd


Prateek to send the updated docs to Mary.


>5. New Drafts

>a.draft-sstc-saml-metadata-ext-query-01.pdf
>http://www.oasis-open.org/apps/org/workgroup/security/download.php/16910/draft-sstc-saml-metadata-ext-query-01.pdf
>schema:
>http://www.oasis-open.org/apps/org/workgroup/security/download.php/16911/sstc-saml-metadata-ext-query.xsd

>b.  draft-sstc-saml-protocol-ext-thirdparty-01.pdf
>http://www.oasis-open.org/apps/org/workgroup/security/download.php/16913/draft-sstc-saml-protocol-ext-thirdparty-01.pdf

Scott explained his rational/position on the above 2 docs.
Prateek: Call for a CD vote in couple of weeks.


>6. New Threads

>a. Informational - *Extending the Security Assertion Markup Language to
>Support Delegationfor Web Services and Grid Services
>http://www.cs.virginia.edu/~humphrey/papers/SAML_delegation.pdf

Informational. No action required.

>*b. *Authz Decision Response (multiple Actions requested, different
>decisions) <msg00044.html>*
>http://www.oasis-open.org/archives/security-services/200602/msg00044.html


No action on our part. The TC could decide to clarify.


>c. *AuthnQuery filters <msg00045.html>*
>http://www.oasis-open.org/archives/security-services/200602/msg00045.html

Clarification of use of SessionIndex and AuthContext. Is it a AND condition or OR?
There seems to be consistent view that it is an AND condition and son o need to propose an errata note.

>e. *RequestedAuthnContext exact comparison <msg00052.html>*
>http://www.oasis-open.org/archives/security-services/200602/msg00052.html

No need for any change.

>f.  *Discussion of SAML shared credential
>(draft-saml-shared-credential-discussion-01.doc) <msg00059.html>*
http://www.oasis-open.org/archives/security-services/200602/msg00059.html

Paul to investigate further based on Scott's comments. Paul to summarizes possible solutions  … for TC feedback.


>g. New submission from Govt. of NZ on SAML conformance.
>http://www.oasis-open.org/apps/org/workgroup/security/download.php/16936/556735_1.pdf

Further discussion is needed. We may need to someone to champion in W3C.


>7. Errata Review
>http://www.oasis-open.org/apps/org/workgroup/security/download.php/16935/sstc-saml-errata-2.0-draft-24.pdf

PE37: Clarification of Metadata
Scott: Move to close w/o any resolution.
Nick: Seconded

CLOSED.

PE40: Holder of Key.
CLOSED

PE43: Key location
OPEN

PE44:  Constrained delegation.
OPEN

PE45: AuthnContext Comparision Clarifications.
OPEN

>a.  AuthnContext comparison clarifications
>http://www.oasis-open.org/archives/security-services/200602/msg00050.html


>b. *ECP PE Text <msg00051.html>
>http://www.oasis-open.org/archives/security-services/200602/msg00051.html


>8.  Open AIs

>*
>*0255*: new PE for AuthnContext comparison clarifications*
>*Owner*: Jahan Moreh
>*Status*: Open
>*Assigned*: 2006-02-27
>*Due*: ---

CLOSED.
------------------------------------------------------------------------
>*#0254*: new PE35 proposal
>*Owner*: Brian Campbell
*Status*: Open
>*Assigned*: 2006-02-27
>*Due*: ---

CLOSED.

------------------------------------------------------------------------
>*#0253*: new drafts of the metadata extension document and the protocol
>extension document
>*Owner*: Scott Cantor
>*Status*: Open
>*Assigned*: 2006-02-27
>*Due*: ---

CLOSED.
------------------------------------------------------------------------
>*#0252*: add a link for the SAML V2.0 profile of XACML V2.0
>*Owner*: Eve Maler
>*Status*: Open
>*Assigned*: 2006-02-27
>*Due*: ---

DONE. Links on Website.
CLOSED.
------------------------------------------------------------------------
>*#0250*: PE 43
>*Owner*: Heather Hinton
>*Status*: Open
>*Assigned*: 2006-02-13
>*Due*: ---

Still OPEN.
------------------------------------------------------------------------
>*#0248*: Provide draft of IBM's SAML 2.0 research report
>*Owner*: Anthony Nadalin
>*Status*: Open
>*Assigned*: 2006-02-13
>*Due*: ---

Anthony to send the paper will be sent to mailing list.

------------------------------------------------------------------------
>*#0245*: Per 17-Jan con-call: Greg W. to propose some clarifying text
>for the attribute profile section re: the issues discussed on the call.
>*Owner*: Greg Whitehead
>*Status*: Open
>*Assigned*: 2006-01-30
>*Due*: ---

OPEN.
------------------------------------------------------------------------
>*#0242*: Recommended text for SAML Attr Sharing Profile
>*Owner*: Rob Philpott
>*Status*: Open
>*Assigned*: 2006-01-17
>*Due*: ---

Msg. 20 from Nov.
Scott: republish the message and vote in the next call.
OPEN.
------------------------------------------------------------------------
>*#0240*: Status of SAML 2.0 submission to ITU T
>*Owner*: Olivier Dubuisson
>*Status*: Open
>*Assigned*: 2005-11-07
>*Due*: ---

Abbie: In progress.  Need response from Liberty.
How to deal with errata?  OASIS is not clear how to deal with errata.
One approach is to append the errata as an appendix.

AI: Abbie to find out if errata can be added as an appendix.
Jahan: We need to stabilize the errata. A redline version will be useful.

OPEN.
------------------------------------------------------------------------
>*#0238*: Plan for red-line versions of SAML 2.0
>*Owner*: Eve Maler
>*Status*: Open
>*Assigned*: 2005-11-07
>*Due*: ---

Prateek: Need to find some resource to do it.
------------------------------------------------------------------------
>*#0234*: Nick to prepare some text for PE 23.
>*Owner*: Nick Ragouzis*
>*Status*: Open
>*Assigned*: 2005-10-10
>*Due*: ---

CLOSED.
------------------------------------------------------------------------
>*#0230*: SAML Conformance SSL/TLS requirements
>*Owner*: Eric Tiffany
>*Status*: Open
>*Assigned*: 2005-09-12
>*Due*: ---

This overlaps with the NZ proposal. Leave it OPEN.


Prateek: Motion to adjourn.
(ALL): Moved.



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]