Subject: OASIS SSTC conf call minutes, 15 Aug 2006
OASIS SSTC conference call minutes, 2006-08-15
scribe: RL "Bob" Morgan
Summary:
* vote to conduct IPR Transition Approval Ballot with IPR mode of
RF on Limited Terms
* PEs 52, 55, 58, and 59 accepted and closed
* all are asked to review new Technical Overview doc
* Shared Credential doc voted to CD status
* enthusiasm sought for working on GUIDE SSO scenarios as TC work
Detailed Minutes
1. Roll Call & Agenda Review, Appoint Secretary
2. Approve minutes from July 18 con-call
Note: there was no meeting August 1 due to OASIS mail server problems.
http://www.oasis-open.org/apps/org/workgroup/security/email/archives/200607/msg00048.html
with one further correction:
http://www.oasis-open.org/apps/org/workgroup/security/email/archives/200607/msg00050.html
Approved with no further comments.
3. IPR Transition
The chairs recommend that the TC request the TC Admin conduct a
Transition Approval Ballot with an IPR Mode of RF on Limited Terms.
Hal: First step was last year everyone agreed to abide by policy when
signing up for OASIS membership, that's done.
Frederick moves as above, Eve seconds.
Hal: Vote is done by org reps, one vote per org, only those orgs which
have members participating in this TC. Vote must be unanimous to pass, at
least 50% must participate.
Abbie: would like to see vote using RF on RAND terms, propose to amend
motion thusly.
No one seconds, amendment fails.
Heather: can multiple ballots be taken?
Hal: yes
Steve: do companies with current IPR declarations have to do something?
Hal: no
Scott: not retroactive, is it? ie SAML 2.0 isn't covered, it's already
done
Hal: that's right, only applies to new work
Hal: any objections?
Abbie: yes
roll call done: 15 yes, 3 abstain, 1 no, motion carries
4. Errata
Eve: her approach is to take any closed errata changes and incorporate
them into her redline version
Hal: OASIS is about to publish errata process that is quite similar to
what SSTC has been doing already
a. sstc-saml-errata-2.0-draft-33.pdf
http://www.oasis-open.org/apps/org/workgroup/security/download.php/19460/sstc-saml-errata-2.0-draft-33.pdf
review open errata items
PE52:
Scott: point is that meaning of validity window of assertion-as-a-whole
remains undefined, point of adding subject-confirmation validity window is
to add something clear in the context of the SSO profile
Rob: OK, but "delivery" is confusing, since it's a processing constraint
on the RP, not on the deliverer
Scott: concern about too many words being more confusing
Hal: maybe say it concisely, then a note explaining further
Greg: more about "acceptance" than "delivery", right?
Scott: propose this change:
"... a NotOnOrAfter attribute that limits the window during which the
assertion can be confirmed by the relying party"
no objections, PE52 closed
PE55:
Scott: waiting for confirmation from implementors that proposed changes
were consistent with previous decisions on behavior, but no comments
main change is making clear that nameidmgt just applies to identifiers,
not to "principal" in the abstract as thing with many ids
Hal: accept as proposed? no objections
PE55 accepted, closed
PE58:
accepted, closed
PE59:
accepted, closed
b. Errata diffs
http://www.oasis-open.org/apps/org/workgroup/security/download.php/19708/sstc-saml-profiles-errata-2.0-wd-02-diff.pdf
http://www.oasis-open.org/apps/org/workgroup/security/download.php/19697/sstc-saml-metadata-errata-2.0-wd-01-diff.pdf
http://www.oasis-open.org/apps/org/workgroup/security/download.php/19640/sstc-saml-conformance-errata-2.0-wd-01-diff.pdf
http://www.oasis-open.org/apps/org/workgroup/security/download.php/19630/sstc-saml-bindings-errata-2.0-wd-01-diff.pdf
http://www.oasis-open.org/apps/org/workgroup/security/download.php/19628/sstc-saml-core-errata-2.0-wd-01-diff.pdf
Eve: Kept text same except for errata and page footers and such. Propose
"errata contributor list" to acknowledge new people.
Hal: why not just add to regular contrib list
Eve: rather keep orig doc clean
Rob: agree
Eve: with affiliations as asserted by contributors
Hal: in new formal errata process the normative doc would be like current
errata doc, not the redline version
Eve: please give context in errata
Discussion
http://www.oasis-open.org/apps/org/workgroup/security/email/archives/200608/msg00043.html
5. Documents Published
a. Update to Technical Overview published
http://www.oasis-open.org/apps/org/workgroup/security/email/archives/200607/msg00058.html
Eve: pared down to profiles/bindings actually in use, new figures, etc
please review, everyone
Rob: didn't touch "attribute-based federation" section since finds it
confusing, could use some help
Scott/Prateek: will do
also gap in nameid-management protocol coverage, problem?
Eve: would like to see wiki-style presentation of material
Hal: but still need to email the doc
Scott: could make overview doc small if supplemented by online wiki eg
Rob: so more nameidmgt material?
Scott: not with sequence diagram
Hal: schedule discussion of open items ("yellow text") for next conf call
b. New Input: SAML Text Challenge Response Token Authentication Context
Class
http://www.oasis-open.org/apps/org/workgroup/security/download.php/19455/draft-saml-text-based-challenge-response-authn-context-class-01.pdf
Tom W: defines text-based C/R, not covered by current stuff
c. SAML Web page update
6. New Profile drafts (post public review)
a. Metadata
SAML 1.x metadata profile
SAML metadata ext for query req
SAML protocol ext for third-party req
http://www.oasis-open.org/apps/org/workgroup/security/email/archives/200607/msg00073.html
b. Shared Credentials
http://www.oasis-open.org/apps/org/workgroup/security/email/archives/200608/msg00013.html
Vote for CD status.
Paul Madsen moves for CD status. Ashish Shah seconds. No objections,
passed.
Prateek: what's status of X.509 attribute profile?
7. Active Threads
a. Potential errata in SSO Profile
http://www.oasis-open.org/apps/org/workgroup/security/email/archives/200608/msg00018.html
b. Additional SSO Scenarios from GUIDE project
http://www.oasis-open.org/apps/org/workgroup/security/email/archives/200608/msg00050.html
Hal: seems like potentially useful TC work, seeking others
8. Open AIs
#0261: Chairs to contact GUIDE for follow-up
Owner:
Status: Open
Assigned: 2006-07-18
Due: ---
#0262: Creation of the "new" LDAP/X.500 profile
Owner: Scott Cantor
Status: Open
Assigned: 2006-07-18
Due: ---
remains open
#0263: NameID and the use of SPProvidedID
Owner: Jahan Moreh
Status: Open
Assigned: 2006-07-18
Due: ---
Scott will check with Jahan
#0238: Plan for red-line versions of SAML 2.0
Owner: Eve Maler
Status: Open
Assigned: 2005-11-08
Due: ---
closed
#0240: Status of SAML 2.0 submission to ITU T
Owner: Abbie Barbir
Status: Open
Assigned: 2005-11-08
Due: ---
9. Other business
Scott: concern about long public review time
Hal: only first review is long, others can be 15 days
10. Adjourn
---
Attendance of Voting Members
Steve Anderson BMC Software
Abbie Barbir Nortel
Bhavna Bhatnagar Sun Microsystems
Brian Campbell Ping Identity
Scott Cantor Internet2
Heather Hinton IBM
Frederick Hirsch Nokia
John Hughes PA Consulting
Hal Lockhart BEA Systems, Inc
Paul Madsen NTT Corporation
Eve Maler Sun Microsystems
Prateek Mishra Oracle
Bob Morgan Internet2
Ashish Patel France Telecom
Rob Philpott RSA Security
David Staggs Veteran's Health Admin
Eric Tiffany IEEE Industry Standards
Greg Whitehead Hewlett-Packard Company
Thomas Wisniewski Entrust
Emily Xu Sun Microsystems
Attendance of Non-Voting Members
Ari Kermaier Oracle
Tom Scavo National Center for Supercomputing Applications
Membership Status Changes
Darren Platt Ping Identity - Withdrew from TC 7/21/2006
Andrew Sliwkowski RSA Security - Granted membership 7/21/2006
John Harby Individual - Granted membership 7/21/2006
Prasanta Behera Individual - Requested Observer status 8/8/2006
Ari Kermaier Oracle - Granted voting status after 8/15/2006 call
Tom Scavo National Center for Supercomputing Applications - Granted
voting status after 8/15/2006 call
Sharon Boeyen Entrust - Lost voting status after 8/15/2006 call
Carolina Canales-Valenzuela Ericsson - Lost voting status after
8/15/2006 call
Guy Denton IBM - Lost voting status after 8/15/2006 call