security-services message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: Draft minutes for 28-Feb-2006 SSTC con-call with attendance
- From: "prasanta behera" <pkb.prasanta@gmail.com>
- To: Saml <security-services@lists.oasis-open.org>
- Date: Tue, 28 Feb 2006 13:00:58 -0800
>1. Roll Call
Attendance of Voting Members
Steve Anderson BMC Software
Prasanta Behera Individual
Bhavna Bhatnagar Sun Microsystems
Sharon Boeyen Entrust
Brian Campbell Ping Identity
Carolina Canales-Valenzuela Ericsson
Scott Cantor Internet2
Guy Denton IBM
Heather Hinton IBM
Frederick Hirsch Nokia
Jeff Hodges NeuStar
John Hughes Individual
Dana Kaufman Forum Systems
Ari Kermaier Oracle
Hal Lockhart BEA Systems, Inc
Paul Madsen NTT Corporation
Eve Maler Sun Microsystems
Prateek Mishra Oracle
Jahan Moreh Sigaba
Bob Morgan Internet2
Anthony Nadalin IBM
Rob Philpott RSA Security
Nick Ragouzis Enosis Group
Rick Randall Booz Allen Hamilton
Irving Reid Hewlett-Packard Company
David Staggs Veteran's Health Admin
Eric Tiffany IEEE Industry Standards
Greg Whitehead Hewlett-Packard Company
Thomas Wisniewski Entrust
Attendance of Non-Voting Members
Abbie Barbir Nortel
Vamsi Motukuru Oracle
Attendance of Observers
Mary McRae OASIS
Membership Status Changes
Jim Lien RSA Security - Lost voting status after 2/28/2006 call
Emily Xu Sun Microsystems - Lost voting status after 2/28/2006 call
Vamsi Motukuru Oracle - Granted voting status after 2/28/2006 call
>2. Approve minutes from 14-Feb con-call
>http://lists.oasis-open.org/archives/security-services/200602/msg00042.html
Approved.
>3. Election of Co-Chair
>a. Call for nominations (included in last call agenda and minutes)
>Item 4 (c) of
>http://lists.oasis-open.org/archives/security-services/200602/msg00031.html
>b. Election (or electronic ballot)
Two nominations received. Hal Lockhart (Bea) and Abbie Barbir (Nortal)
No other nominations have been received. Nominations are CLOSED.
Mary from OASIS elaborated the rules for election. Majority voting members have to vote.
Prateek to send an email to the TC about the process and lists all voting member names and where to send the vote.
Do NOT hit "REPLY ALL"
>4.Editorial issue re: public review of CDs (need .sxw, .html versions)
> a. Committee Draft of SAML Attribute Sharing Profile for X.509
>Authentication-Based Systems
>http://www.oasis-open.org/committees/download.php/14006/sstc-saml-x509-authn-attrib-profile-cd-01.pdf
>b. Committee Draft of SAML XPath Attribute Profile (HTML version also
>available; accompanying schema)
vhttp://www.oasis-open.org/committees/download.php/16112/sstc-saml-xpath-attribute-profile-cd-01.pdf
>Schema:
>http://www.oasis-open.org/committees/download.php/14194/draft-saml-schema-xpath-attribute-profile-1.xsd
><http://www.oasis-open.org/committees/download.php/13846/sstc-saml-metadata-ext.xsd>c.
>Committee Draft of SAML V1.x Metadata Profile
>http://www.oasis-open.org/committees/download.php/13254/sstc-saml1x-metadata-cd-01.pdf
>Schema:
>http://www.oasis-open.org/committees/download.php/13255/sstc-saml1x-metadata.xsd
Prateek to send the updated docs to Mary.
>5. New Drafts
>a.draft-sstc-saml-metadata-ext-query-01.pdf
>http://www.oasis-open.org/apps/org/workgroup/security/download.php/16910/draft-sstc-saml-metadata-ext-query-01.pdf
>schema:
>http://www.oasis-open.org/apps/org/workgroup/security/download.php/16911/sstc-saml-metadata-ext-query.xsd
>b. draft-sstc-saml-protocol-ext-thirdparty-01.pdf
>http://www.oasis-open.org/apps/org/workgroup/security/download.php/16913/draft-sstc-saml-protocol-ext-thirdparty-01.pdf
Scott explained his rational/position on the above 2 docs.
Prateek: Call for a CD vote in couple of weeks.
>6. New Threads
>a. Informational - *Extending the Security Assertion Markup Language to
>Support Delegationfor Web Services and Grid Services
>http://www.cs.virginia.edu/~humphrey/papers/SAML_delegation.pdf
Informational. No action required.
>*b. *Authz Decision Response (multiple Actions requested, different
>decisions) <msg00044.html>*
>http://www.oasis-open.org/archives/security-services/200602/msg00044.html
No action on our part. The TC could decide to clarify.
>c. *AuthnQuery filters <msg00045.html>*
>http://www.oasis-open.org/archives/security-services/200602/msg00045.html
Clarification of use of SessionIndex and AuthContext. Is it a AND condition or OR?
There seems to be consistent view that it is an AND condition and son o need to propose an errata note.
>e. *RequestedAuthnContext exact comparison <msg00052.html>*
>http://www.oasis-open.org/archives/security-services/200602/msg00052.html
No need for any change.
>f. *Discussion of SAML shared credential
>(draft-saml-shared-credential-discussion-01.doc) <msg00059.html>*
http://www.oasis-open.org/archives/security-services/200602/msg00059.html
Paul to investigate further based on Scott's comments. Paul to summarizes possible solutions … for TC feedback.
>g. New submission from Govt. of NZ on SAML conformance.
>http://www.oasis-open.org/apps/org/workgroup/security/download.php/16936/556735_1.pdf
Further discussion is needed. We may need to someone to champion in W3C.
>7. Errata Review
>http://www.oasis-open.org/apps/org/workgroup/security/download.php/16935/sstc-saml-errata-2.0-draft-24.pdf
PE37: Clarification of Metadata
Scott: Move to close w/o any resolution.
Nick: Seconded
CLOSED.
PE40: Holder of Key.
CLOSED
PE43: Key location
OPEN
PE44: Constrained delegation.
OPEN
PE45: AuthnContext Comparision Clarifications.
OPEN
>a. AuthnContext comparison clarifications
>http://www.oasis-open.org/archives/security-services/200602/msg00050.html
>b. *ECP PE Text <msg00051.html>
>http://www.oasis-open.org/archives/security-services/200602/msg00051.html
>8. Open AIs
>*
>*0255*: new PE for AuthnContext comparison clarifications*
>*Owner*: Jahan Moreh
>*Status*: Open
>*Assigned*: 2006-02-27
>*Due*: ---
CLOSED.
------------------------------------------------------------------------
>*#0254*: new PE35 proposal
>*Owner*: Brian Campbell
*Status*: Open
>*Assigned*: 2006-02-27
>*Due*: ---
CLOSED.
------------------------------------------------------------------------
>*#0253*: new drafts of the metadata extension document and the protocol
>extension document
>*Owner*: Scott Cantor
>*Status*: Open
>*Assigned*: 2006-02-27
>*Due*: ---
CLOSED.
------------------------------------------------------------------------
>*#0252*: add a link for the SAML V2.0 profile of XACML V2.0
>*Owner*: Eve Maler
>*Status*: Open
>*Assigned*: 2006-02-27
>*Due*: ---
DONE. Links on Website.
CLOSED.
------------------------------------------------------------------------
>*#0250*: PE 43
>*Owner*: Heather Hinton
>*Status*: Open
>*Assigned*: 2006-02-13
>*Due*: ---
Still OPEN.
------------------------------------------------------------------------
>*#0248*: Provide draft of IBM's SAML 2.0 research report
>*Owner*: Anthony Nadalin
>*Status*: Open
>*Assigned*: 2006-02-13
>*Due*: ---
Anthony to send the paper will be sent to mailing list.
------------------------------------------------------------------------
>*#0245*: Per 17-Jan con-call: Greg W. to propose some clarifying text
>for the attribute profile section re: the issues discussed on the call.
>*Owner*: Greg Whitehead
>*Status*: Open
>*Assigned*: 2006-01-30
>*Due*: ---
OPEN.
------------------------------------------------------------------------
>*#0242*: Recommended text for SAML Attr Sharing Profile
>*Owner*: Rob Philpott
>*Status*: Open
>*Assigned*: 2006-01-17
>*Due*: ---
Msg. 20 from Nov.
Scott: republish the message and vote in the next call.
OPEN.
------------------------------------------------------------------------
>*#0240*: Status of SAML 2.0 submission to ITU T
>*Owner*: Olivier Dubuisson
>*Status*: Open
>*Assigned*: 2005-11-07
>*Due*: ---
Abbie: In progress. Need response from Liberty.
How to deal with errata? OASIS is not clear how to deal with errata.
One approach is to append the errata as an appendix.
AI: Abbie to find out if errata can be added as an appendix.
Jahan: We need to stabilize the errata. A redline version will be useful.
OPEN.
------------------------------------------------------------------------
>*#0238*: Plan for red-line versions of SAML 2.0
>*Owner*: Eve Maler
>*Status*: Open
>*Assigned*: 2005-11-07
>*Due*: ---
Prateek: Need to find some resource to do it.
------------------------------------------------------------------------
>*#0234*: Nick to prepare some text for PE 23.
>*Owner*: Nick Ragouzis*
>*Status*: Open
>*Assigned*: 2005-10-10
>*Due*: ---
CLOSED.
------------------------------------------------------------------------
>*#0230*: SAML Conformance SSL/TLS requirements
>*Owner*: Eric Tiffany
>*Status*: Open
>*Assigned*: 2005-09-12
>*Due*: ---
This overlaps with the NZ proposal. Leave it OPEN.
Prateek: Motion to adjourn.
(ALL): Moved.
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]