[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: minutes for OASIS SSTC conf call, 2006-05-09
OASIS SSTC conference call minutes, 2006-05-09 scribe: RL "Bob" Morgan ** Summary Votes: accept errata items PE-51, PE-46 close errata item PE-48 New AIs: Eve to start new document capturing proposed enhancements. AIs closed: 245 ** Detailed Minutes 1. Roll Call & Agenda Review Quorum achieved. 2. Approve minutes from 25-Apr con-call http://lists.oasis-open.org/archives/security-services/200604/msg00035.html Approved. 3. Informational a. ITU-T *pending* approval of SAML and XACML http://lists.oasis-open.org/archives/security-services/200605/msg00000.html Abbie: Status now is sort of like "committee draft", now is moving to next level of approval, country-based voting, ballot later in May, finished in June. Most important hurdle has been passed. b. Five CD drafts ready for public review (waiting on OASIS announcement) http://www.oasis-open.org/apps/org/workgroup/security/documents.php?open_folder_id=1318#folder_1318 Prateek: this has been under way for a couple of months, should be formally announced by Mary later today John Hughes: tech overview has been stalled for months, Rob P has editing token, still in unfinished state Eve: had worked on it too, with Nick, but never finished ... will follow up with Rob on status observations from developers that lack of intro material is a barrier so this is important to get done some question about inclusion of use scenarios ... 4. Active Threads a. Proposed text to resolve AI #0256 http://lists.oasis-open.org/archives/security-services/200604/msg00030.html Jahan: Recorded as PE 50 in current errata doc. Prateek: please review and respond. b. Possible Errata in saml-profiles-2.0-os http://lists.oasis-open.org/archives/security-services/200605/msg00001.html Jahan: this is PE 51, simple editorial change. Move to accept, seconded by Scott. Prateek: any objections? none heard, passes. c. Proposal concerning Outstanding assertions and NameID changes http://lists.oasis-open.org/archives/security-services/200604/msg00021.html GregW: This is a proposed enhancement, not errata. Could be done as extension. Prateek: Agreed. Conor: OK, missing functionality, not error. Useful to know about outstanding statements so SP can know how long to retain old stuff. Prateek: We don't have enhancements list. Scott: People have been writing up extension drafts, so Conor should too. Conor: Noted. Greg: Would be useful to have an enhancements list anyway ... Eve: could be as simple as errata doc, just link to message Conor: useful to distinguish between authentic enhancements and requests to do things that the spec already covers ... Eve: will start this doc d. Problem with use of X500:Encoding and xsi:type http://lists.oasis-open.org/archives/security-services/200605/msg00004.html Greg: not just LDAP profile, others have this problem too Scott: don't others apply XML attribute to the Attribute element? Greg: OK, maybe not Scott: can create new profile, deprecate old one RLBob: Steven Legg had another issue, might help motivate Eric: why haven't people run into this? Scott: because they're not doing schema validation Greg: can note that this is a problem, define new one without the problem? Jahan: will list as new erratum 4.5 Errata review PE-46: AudienceRestriction ... Conor: proposed rewording to make clear which element is being talked about, to clarify processing Scott: move to accept, Jahan seconds PE-48: clarification on binary values in LDAP profile Greg: would like more general clarification on separation of nameformat, attribute name, and value type Scott: clarify that this is a two-part name, profiled usage has to be defined, within a deployment, based on unique two-part name (nameformat and name) Jahan: this is the PE-49 issue right? Jahan: move to close 48, Greg seconds no objections, 48 closed new PE: text re "delivery of assertion" Scott: text may need improvement, but it says what is intended accurate since it's in browser profile, not core Rob: OK, request clarified text 5. Open AIs #0259: Propose text to resolve PE 49 - Clarification on attribute name format (The relationship between an attribute~Rs NameFormat and its syntax is not clear.) Owner: Scott Cantor Status: Open Assigned: 2006-04-26 Due: 2006-05-15 ---------------------------------------------------------------------------- #0257: authentication context and shared credentials Owner: Paul Madsen Status: Open Assigned: 2006-04-10 Due: 2006-04-30 ---------------------------------------------------------------------------- #0250: PE 43 Owner: Heather Hinton Status: Open Assigned: 2006-02-13 Due: --- Prateek will ping Heather on this. Scott may comment. ---------------------------------------------------------------------------- #0245: Per 17-Jan con-call: Greg W. to propose some clarifying text for the attribute profile section re: the issues discussed on the call. Owner: Greg Whitehead Status: Open Assigned: 2006-01-30 Due: --- Now listed as erratum, so closed. ---------------------------------------------------------------------------- #0240: Status of SAML 2.0 submission to ITU T Owner: Abbie Barbir Status: Open Assigned: 2005-11-08 Due: --- Stays open until final ballot clears. ---------------------------------------------------------------------------- #0238: Plan for red-line versions of SAML 2.0 Owner: Eve Maler Status: Open Assigned: 2005-11-08 Due: --- Remains open. Eve: can work done for ITU be re-purposed? Abbie: maybe, will check general discussion Eve: discussion of "lightweight" SAML at Internet Identity Workshop encourage use of Shibboleth/SAML wiki Scott: note both openidp.org and protectnetwork.org are SAML IdPs that any user can sign up for, any SP can use --- ** Attendance: Attendance of Voting Members Steve Anderson BMC Software Abbie Barbir Nortel Bhavna Bhatnagar Sun Microsystems Sharon Boeyen Entrust Brian Campbell Ping Identity Carolina Canales-Valenzuela Ericsson Scott Cantor Internet2 Guy Denton IBM Dana Kaufman Forum Systems Eve Maler Sun Microsystems Prateek Mishra Oracle Jahan Moreh Sigaba Bob Morgan Internet2 Anthony Nadalin IBM Rob Philpott RSA Security Nick Ragouzis Enosis Group David Staggs Veteran's Health Admin Eric Tiffany IEEE Industry Standards Greg Whitehead Hewlett-Packard Company Thomas Wisniewski Entrust Emily Xu Sun Microsystems Attendance of Non-Voting Members Conor P. Cahill Intel Jeff Hodges NeuStar John Hughes PA Consulting Attendance of Observers Irving Reid Hewlett-Packard Company Membership Status Changes Nick Ragouzis Enosis Group - Granted voting status after 4/25/2005 call Prasanta Behera Individual - Lost voting status after 4/25/2005 call Jeff Hodges NeuStar - Lost voting status after 4/25/2005 call Rick Randall Booz Allen Hamilton - Lost voting status after 4/25/2005 call Raajmohan Natarajan EDS Granted membership 4/25/2005 Irving Reid Hewlett-Packard Company Withdrew 3/9/2006
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]