[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Minutes for 13 Mar 2007 SSTC telecon, with roll
> 1. Roll Call & Agenda Review, Find volunteer minute taker
Eve volunteered to take minutes.
Attendance of Voting Members
Steve Anderson BMC Software
Conor P. Cahill Intel
Brian Campbell Ping Identity
Scott Cantor Internet2
Jeff Hodges NeuStar
Ari Kermaier Oracle
Chris Laskowski Booz Allen Hamilton
Paul Madsen NTT Corporation
Eve Maler Sun Microsystems
Prateek Mishra Oracle
Bob Morgan Internet2
Anthony Nadalin IBM
Ashish Patel France Telecom
Rob Philpott EMC Corporation
Tom Scavo National Center for Supercomputing Applications
David Staggs Veteran's Health Admin
Eric Tiffany IEEE Industry Standards
Greg Whitehead Hewlett-Packard Company
Emily Xu Sun Microsystems
Attendance of Non-Voting Members
Abbie Barbir Nortel
George Fletcher AOL
Membership Status Changes
Eric Tiffany IEEE Industry Standards - Member account restored
3/1/2007
Senthil Sengodan Nokia - Withdrew from TC 3/2/2007
George Fletcher AOL - Membership granted 3/9/2007
> 2. Approve minutes from February 27 con-call
> http://lists.oasis-open.org/archives/security-services/200702/msg00071.html
APPROVED by unanimous consent.
> 3. New drafts uploaded
>
> (a) Simple Signature Web SSO Profile
> http://lists.oasis-open.org/archives/security-services/200703/msg00014.html
Scott: Note that this is a binding (not a profile). He had some
trouble producing HTML, but ultimately managed it using a software
tool and a bit of hand-editing. This is okay to do occasionally but
isn't tenable as a regular thing.
AI: Chairs to get SimpleSign to 60-day public review.
> (Voted to public review Jan 30 - chairs need to forward to Mary)
>
>
> (b) CD-01 version of Approved Errata document
> http://www.oasis-open.org/archives/security-services/200703/msg00033.html
>
> initiate errata process -
> http://www.oasis-open.org/committees/process.php#3.5
Eve: Actually we did this last time; this is ready to go to public
review now, having been edited into CD form.
AI: Chairs to get Approved Errata to 15-day public review.
> (c) Technical Overview v13
> http://www.oasis-open.org/archives/security-services/200702/msg00052.html
> We had planned on a CD and public review vote today.
MOVED by Abbie, SECONDED by RLBob to move IdP Discovery doc to CD
status. APPROVED by unanimous consent.
MOVED by JeffH, SECONDED by Abbie to move the IdP Discovery CD to
public review. APPROVED by unanimous consent.
Eve: Asks for clarification: are we instructing the editor (Paul) to
incorporate edits as suggested by Eve and Tom prior to CD
publication? Prateek: No, we'll catalog these as the first wave of
"public review" comments and save them for later.
AI: Editor (Paul) to prepare Tech Overview for CD publication.
> (d) draft-sstc-saml-idp-discovery-03.pdf uploaded
> http://lists.oasis-open.org/archives/security-services/200703/msg00028.html
Current status is that we're requesting comment preparatory to
entertaining a CD/public review vote next time.
> 4. Active Threads
>
> (a) Untrusted Service Provider Profile
> http://lists.oasis-open.org/archives/security-services/200702/msg00075.html
No action.
> (b) Assertion signing confusion
> http://lists.oasis-open.org/archives/security-services/200703/msg00003.html
No action. The confusion was cleared up in errata already.
> (c) AuthnContextDecl and AuthnContextDeclRef
> http://lists.oasis-open.org/archives/security-services/200703/msg00004.html
No action; we think the spec text is as good as we can make it. If
someone (Eric?) wants to suggest better text, we can entertain it.
AI: Eric to either propose text to improve AuthnContextDecl/Ref
confusion or indicate that there's no need.
> (d) Comments on Tech Overview rev 13
> http://lists.oasis-open.org/archives/security-services/200703/msg00019.html
This link is to a followup; the original comments in totality are at:
http://lists.oasis-open.org/archives/security-services/200703/msg00016.html
First issue: Should the two outermost steps in flows ("access
resource" and "supply resource") use dotted lines or solid lines?
Currently the first is solid and the last is dotted! So regardless,
something has to change. The sentiment on the call was to make them
solid, so as not to needlessly confuse people about what's being
accomplished by the flow. (The "challenge for credentials" and
"user login" steps are appropriately dotted because it could be
multiple challenge steps etc. We're not willing to change it to be
a single dotted-double arrow line, though, since that would change
the numbering and be very invasive to the spec text.)
AI: Editor (Paul) to change final arrows to solid in Tech Overview
diagrams throughout.
Second issue: Should the swoopy redirect arrows be changed to a pair
of arrow steps, the way POST is? No, it's not that important and
anyway it shows at a glance which binding is being used in the
diagram. No action.
> (e) NZ gov use case
> http://lists.oasis-open.org/archives/security-services/200703/msg00022.html
No action; Collin isn't on the call.
> 5. AIs
>
> #0279: Investigate relationship between ID-WSF and SOAP SSO profile
> Owner: Greg Whitehead
> Status: Open
> Assigned: 2007-03-12
> Due: ---
Greg continues to investigate (though he is not at the Liberty
interim meeting this week and is hampered from pursuing it right
away therefore). Keep AI open. Eve will ask Hubert to bring it up
in the interim meeting.
> #0278: Ari to respond to comments on x.509-attribute profile version 11
> Owner: Ari Kermaier
> Status: Open
> Assigned: 2007-03-12
> Due: ---
Ari and Tom agreed that Tom will produce rev 12, including lots of
editorial corrections and some resolutions on Tom's more substantive
comments.
AI: Website editor (Paul -- but can delegate back to Eve if
necessary) to add links to all the latest new documents, most
particularly the errata redlines so that new readers of the specs
see that first.
AI: Ashish Patel to report on next steps on his/Paul's draft that
has gone through public review.
ADJOURNED at x:43.
--
Eve Maler +1 425 947 4522
Technology Director eve.maler @ sun.com
CTO Business Alliances group Sun Microsystems, Inc.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]