
security-services message



Subject: minutes for OASIS SSTC conf call, 2006-05-09



OASIS SSTC conference call minutes, 2006-05-09
scribe:  RL "Bob" Morgan

**  Summary

Votes:

   accept errata items PE-51, PE-46
   close errata item PE-48

New AIs:

   Eve to start new document capturing proposed enhancements.

AIs closed:

   245

**  Detailed Minutes

   1.  Roll Call & Agenda Review

Quorum achieved.

   2.  Approve minutes from 25-Apr con-call

http://lists.oasis-open.org/archives/security-services/200604/msg00035.html

Approved.

   3. Informational

   a. ITU-T *pending* approval of SAML and XACML

http://lists.oasis-open.org/archives/security-services/200605/msg00000.html

Abbie:  Status now is sort of like "committee draft", now is moving to
   next level of approval, country-based voting, ballot later in May,
   finished in June.  Most important hurdle has been passed.

   b. Five CD drafts ready for public review (waiting on OASIS announcement)

http://www.oasis-open.org/apps/org/workgroup/security/documents.php?open_folder_id=1318#folder_1318

Prateek:  this has been under way for a couple of months, should be
   formally announced by Mary later today
John Hughes:  tech overview has been stalled for months, Rob P has editing
   token, still in unfinished state
Eve:  had worked on it too, with Nick, but never finished ...
   will follow up with Rob on status
   observations from developers that lack of intro material is a barrier
     so this is important to get done
   some question about inclusion of use scenarios ...

   4. Active Threads

   a. Proposed text to resolve AI #0256

http://lists.oasis-open.org/archives/security-services/200604/msg00030.html

Jahan:  Recorded as PE 50 in current errata doc.
Prateek:  please review and respond.

   b. Possible Errata in saml-profiles-2.0-os

http://lists.oasis-open.org/archives/security-services/200605/msg00001.html

Jahan:  this is PE 51, simple editorial change.  Move to accept, seconded
by Scott.
Prateek:  any objections?  none heard, passes.

   c. Proposal concerning Outstanding assertions and NameID changes

http://lists.oasis-open.org/archives/security-services/200604/msg00021.html

GregW:  This is a proposed enhancement, not errata.  Could be done as
   extension.
Prateek:  Agreed.
Conor:  OK, missing functionality, not error.  Useful to know about
   outstanding statements so SP can know how long to retain old stuff.
Prateek:  We don't have enhancements list.
Scott:  People have been writing up extension drafts, so Conor should too.
Conor:  Noted.
Greg:  Would be useful to have an enhancements list anyway ...
Eve:  could be as simple as errata doc, just link to message
Conor:  useful to distinguish between authentic enhancements and requests
   to do things that the spec already covers ...
Eve:  will start this doc

   d. Problem with use of X500:Encoding and xsi:type

http://lists.oasis-open.org/archives/security-services/200605/msg00004.html

Greg:  not just LDAP profile, others have this problem too
Scott:  don't others apply XML attribute to the Attribute element?
Greg:  OK, maybe not
Scott:  can create new profile, deprecate old one
RLBob:  Steven Legg had another issue, might help motivate
Eric:  why haven't people run into this?
Scott:  because they're not doing schema validation
Greg:  can note that this is a problem, define new one without the
   problem?
Jahan:  will list as new erratum

4.5  Errata review

   PE-46:  AudienceRestriction ...

Conor:  proposed rewording to make clear which element is being talked
   about, to clarify processing
Scott:  move to accept, Jahan seconds

   PE-48:  clarification on binary values in LDAP profile

Greg:  would like more general clarification on separation of nameformat,
   attribute name, and value type
Scott:  clarify that this is a two-part name, profiled usage has to be
   defined, within a deployment, based on unique two-part name (nameformat
   and name)
Jahan:  this is the PE-49 issue right?
Jahan:  move to close 48, Greg seconds
   no objections, 48 closed

   new PE:  text re "delivery of assertion"

Scott:  text may need improvement, but it says what is intended
   accurate since it's in browser profile, not core
Rob:  OK, request clarified text

5. Open AIs

#0259: Propose text to resolve PE 49 - Clarification on attribute name
   format (The relationship between an attribute's NameFormat and its
   syntax is not clear.)
Owner: Scott Cantor
Status: Open
Assigned: 2006-04-26
Due: 2006-05-15

----------------------------------------------------------------------------

#0257: authentication context and shared credentials
Owner: Paul Madsen
Status: Open
Assigned: 2006-04-10
Due: 2006-04-30

----------------------------------------------------------------------------

#0250: PE 43
Owner: Heather Hinton
Status: Open
Assigned: 2006-02-13
Due: ---

Prateek will ping Heather on this.  Scott may comment.

----------------------------------------------------------------------------

#0245: Per 17-Jan con-call: Greg W. to propose some clarifying text for
   the attribute profile section re: the issues discussed on the call.
Owner: Greg Whitehead
Status: Open
Assigned: 2006-01-30
Due: ---

Now listed as erratum, so closed.

----------------------------------------------------------------------------

#0240: Status of SAML 2.0 submission to ITU T
Owner: Abbie Barbir
Status: Open
Assigned: 2005-11-08
Due: ---

Stays open until final ballot clears.

----------------------------------------------------------------------------

#0238: Plan for red-line versions of SAML 2.0
Owner: Eve Maler
Status: Open
Assigned: 2005-11-08
Due: ---

Remains open.

Eve:  can work done for ITU be re-purposed?
Abbie:  maybe, will check


general discussion

Eve:  discussion of "lightweight" SAML at Internet Identity Workshop
   encourage use of Shibboleth/SAML wiki
Scott:  note both openidp.org and protectnetwork.org are SAML IdPs that
   any user can sign up for, any SP can use


---

**  Attendance:

Attendance of Voting Members

   Steve Anderson BMC Software
   Abbie Barbir Nortel
   Bhavna Bhatnagar Sun Microsystems
   Sharon Boeyen Entrust
   Brian Campbell Ping Identity
   Carolina Canales-Valenzuela Ericsson
   Scott Cantor Internet2
   Guy Denton IBM
   Dana Kaufman Forum Systems
   Eve Maler Sun Microsystems
   Prateek Mishra Oracle
   Jahan Moreh Sigaba
   Bob Morgan Internet2
   Anthony Nadalin IBM
   Rob Philpott RSA Security
   Nick Ragouzis Enosis Group
   David Staggs Veteran's Health Admin
   Eric Tiffany IEEE Industry Standards
   Greg Whitehead Hewlett-Packard Company
   Thomas Wisniewski Entrust
   Emily Xu Sun Microsystems

Attendance of Non-Voting Members

   Conor P. Cahill Intel
   Jeff Hodges NeuStar
   John Hughes PA Consulting

Attendance of Observers

   Irving Reid Hewlett-Packard Company

Membership Status Changes

   Nick Ragouzis Enosis Group - Granted voting status after 4/25/2005
     call
   Prasanta Behera Individual - Lost voting status after 4/25/2005
     call
   Jeff Hodges NeuStar - Lost voting status after 4/25/2005 call
   Rick Randall Booz Allen Hamilton - Lost voting status after
     4/25/2005 call
   Raajmohan Natarajan EDS Granted membership 4/25/2005
   Irving Reid Hewlett-Packard Company Withdrew 3/9/2006


