Subject: RE: [security-services] Draft minutes for 19 December 2006 SSTC meeting (WITH roll data)
Roll data added below.
--
Steve Anderson
BMC Software
-----Original Message-----
From: Eve.Maler@Sun.COM [mailto:Eve.Maler@Sun.COM]
Sent: Tuesday, December 19, 2006 12:46 PM
To: security-services@lists.oasis-open.org
Subject: [security-services] Draft minutes for 19 December 2006 SSTC meeting (minus roll data)
> 1. Roll Call & Agenda Review, Select Minute Taker
>
Attendance of Voting Members
Steve Anderson BMC Software
Carolina Canales-Valenzuela Ericsson
Scott Cantor Internet2
Peter Davis NeuStar
Heather Hinton IBM
Frederick Hirsch Nokia
Chris Laskowski Booz Allen Hamilton
Hal Lockhart BEA Systems, Inc
Paul Madsen NTT Corporation
Eve Maler Sun Microsystems
Prateek Mishra Oracle
Bob Morgan Internet2
Anthony Nadalin IBM
Ashish Patel France Telecom
Rob Philpott RSA Security
Tom Scavo National Center for Supercomputing Applications
David Staggs Veteran's Health Admin
Eric Tiffany IEEE Industry Standards
Greg Whitehead Hewlett-Packard Company
Emily Xu Sun Microsystems
Attendance of Non-Voting Members
Conor P. Cahill Intel
Michael Merrill RSA Security
Attendance of Observers
John Moehrke GE Healthcare
Alessandro Triglia OSS Nokalva
Thomas Wisniewski Entrust
Membership Status Changes
Abbie Barbir Nortel Requested LOA on 11-27-2006 for 4 weeks
Peter Michalek Individual OASIS account deactivated 12/7/2006
Michael Merrill RSA Security Granted member status on 12/13/2006
Jahan Moreh Sigaba Left group 12/13/2006
Sharon Boeyen Entrust Left group 12/18/2006
Thomas Wisniewski Entrust Left group 12/18/2006
Jeff Hodges NeuStar Lost voting status after 12/19/2006 call
Rebekah Metz Booz Allen Hamilton Lost voting status after 12/19/2006 call
> 2. Approve minutes from December 5 con-call
>
http://www.oasis-open.org/archives/security-services/200612/msg00012.html
>
> with correction:
>
>
http://www.oasis-open.org/archives/security-services/200612/msg00017.html
Corrected minutes APPROVED by unanimous consent.
AI: Prateek to post a cleanly corrected version of 5 Dec 2006
minutes for reference.
2a. 2007 meeting schedule
We will skip the 2 Jan 2007 meeting because many people will still
be on holiday.
Our first meeting of the new year will be 16 Jan 2006.
AI: Hal to post the 2007 meeting schedule in the OASIS calendar.
> 3. Security Services TC IPR Ballot
>
> Ballot passed. TC will operate in RF on RAND terms as of December 26
Note the built-in delay before this takes effect.
In the interim, at least Entrust has dropped its membership.
Members who have dropped during this period might decide to join
again eventually.
Hal is looking into the status of documents drafted under the old
rules but to be finished under the new rules.
> 4. Pending 60-day reviews - waiting on minor doc edits from authors (now
> complete)
Mary McRae had noted some minor editing and consistency errors.
Paul has talked to Scott and JeffH about the status of fixes.
> Should the Simple Sign Binding be withdrawn from the Public Review?
http://www.oasis-open.org/committees/download.php/21433/draft-sstc-saml-binding-simplesign-cd-01.pdf
Scott had noted in email that a significant flaw has been found
already in private review. Since the start of the public review
period was significantly delayed, the TC has an opportunity to
withdraw it for public review in this call.
MOTION to cancel the 60-day public review of the SimpleSign
document: Moved by Scott and seconded by Rob.
APPROVED by unanimous consent.
AI: Paul to pull together the links for the documents that will be
going to public review.
AI: Scott to correct the SimpleSign document. (He might "delegate"
to JeffH...)
> 5. SAML V2.0 X.500/LDAP Attribute Profile
>
> Vote for Committee Draft.
http://www.oasis-open.org/committees/download.php/20650/draft-sstc-saml-attribute-x500-01.pdf
This is the attribute profile that was originally part of SAML V2.0
but had an erratum, PE53, that required a normative change to fix.
MOTION to take SAML V2.0 X.500/LDAP Attribute Profile to Committee
Draft status: Moved by RLBob and seconded by Rob.
APPROVED by unanimous consent.
MOTION to take the SAML V2.0 X.500/LDAP Attribute Profile to public
review with the rest of the ongoing public-review package: Moved by
Scott and seconded by Peter.
APPROVED by unanimous consent.
AI: Scott to edit/assemble the OASIS-required forms of the SAML V2.0
X.500/LDAP Attribute Profile CD for public review.
After this public review cycle is completed, we can safely decide on
deprecation wording in response to PE53.
> 6. Documents Posted
>
> SAML V2.0 Deployment Profiles for X.509 Subjects
>
http://www.oasis-open.org/archives/security-services/200612/msg00024.html
http://www.oasis-open.org/committees/download.php/21568/sstc-saml2-profiles-deploy-x509-draft-01.pdf
Tom Scavo notes that this is first in a new document stream that
came from the attribute-sharing profile draft. The cornerstone of
this new document is an attribute query for X.509 subjects.
There is an outstanding bug in the overall set of deployment
profiles that has been fixed in this particular profile document,
but not yet in the others. The bug is that, in draft 10 of the
attribute-sharing profile, the name qualifier on NameID had the
value of the issuer DN, which goes against the SAML2 core spec (it's
supposed to be omitted in the case of standard NameID formats).
http://www.oasis-open.org/committees/download.php/19054/sstc-saml-x509-authn-attrib-profile-draft-10.pdf
> 7. Need new Errata maintainer
Jahan Moreh is no longer able to participate in the TC. The TC
thanks him for his service!
Eve agrees to maintain both the working and OASIS-Standard-bound
errata documents up through the 16 Jan 2006 meeting. After that,
someone else needs to step up.
> 8. Action Items
>
> #0272: Errata around TLS keys in metadata
> Owner:
> Status: Open
> Assigned: 2006-12-19
> Due: ---
AI: Scott to send Eve his notes on the erratum.
AI: Eve to add a "TLS keys" erratum to the errata documents.
> #0271: submit a draft of an alternative approach to IdP Discovery on
> behalf of Shibboleth Project
> Owner: Scott Cantor
> Status: Open
> Assigned: 2006-12-19
> Due: 2007-01-31
Scott accepts this due date.
> #0270: Draft Errata re: IdP Discovery Profile
> Owner: Scott Cantor
> Status: Open
> Assigned: 2006-12-19
> Due: 2007-01-31
Scott accepts this due date.
> #0269: CDize errata based on draft 35
> Owner: Eve Maler
> Status: Open
> Assigned: 2006-09-25
> Due: ---
New due date of 16 Jan 2006.
> #0266: New deployment profile
> Owner: Tom Scavo*
> Status: Open
> Assigned: 2006-09-25
> Due: ---
Completed.
> #0265: Updated draft of X.500 attribute sharing deployment profile
> Owner: Ari Kermaier
> Status: Open
> Assigned: 2006-09-25
> Due: ---
In the title of this AI, s/X.500/X.509/
We don't know that Ari is willing to do this.
AI: Prateek to confirm that Ari is willing to take on AI #0265 and
get a due date from him.
> 9. Other business
Eve notes that at the recent Internet Identity Workshop (IIW2006b),
she and others got together to discuss ways in which SAML and OpenID
could be used together. Pat Patterson of Sun demonstrated a way of
hooking up OpenID IdP discovery and metadata to a 100% SAML
authentication/SSO cycle in his "Lightbulb" subproject of OpenSSO.
Both the discussion and the demo were very well received. Some
profiling work may arise from this, which may show up in the SSTC at
some point. Contact Eve if you'd like more info.
JeffH had sent around information about the OASIS Adoption Forum,
including highlights of SAML adoption. Hal noted how gratifying it
is to see that SAML is being assessed for suitability for existing
use cases, and is being chosen as the best solution.
> 10. Adjourn
Adjourned at 12:43pm ET.
--
Eve Maler +1 425 947 4522
Technology Director eve.maler @ sun.com
CTO Business Alliances group Sun Microsystems, Inc.