OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: SSTC Concall, July 31, 2007 Draft Minutes


SSTC Concall, July 31, 2007, Draft Minutes

Roll Call & Agenda Review

Frederick Hirsch volunteered to take minutes today.

Paul Madsen will do minutes next time.

16 out of 22 voting members present, have quorum.

1. Approve minutes from July 17 as amended

http://lists.oasis-open.org/archives/security-services/200707/ 
msg00034.html

Minutes approved unanimously.

2. Administrative

2.1 News: E-Authentication now supports SAML V2.0
http://lists.oasis-open.org/archives/security-services/200707/ 
msg00027.html
Formerly supported SAML 1.0 now supports SAML 2.0

2.2 Workshop on SAML & XACML Given at GeoWeb 2007 in Vancouver, July 23
Hal presented workshop on SAML and XACML, much interest in SAML.

3. Document Status

3.0 Eight wiki pages added to track status and milestones for documents

3.1 Docs on their way to OS
3.1.1 Metadata Profile for the OASIS Security Assertion Markup  
Language (SAML) V1.x
CS Version now done

3.1.2 Metadata Extension for SAML V2.0 and V1.x Query Requesters
CS Version now done

Metadata Profile and Metadata Extension documents are now in new  
document format.
Chairs will request ballot to make 15 August deadline.

3.2 SAML V2.0 Errata
Public Review began 16 July 2007, and ends 31 July 2007 (today)
No comments have yet been received.

3.3 Docs pending public review
3.3.1 Documents needing conformance clauses
*SAML V2.0 Attribute Sharing Profile for X.509 Authentication-Based
Systems
*SAML V2.0 Deployment Profiles for X.509 Subjects
*Identity Provider Discovery Service Protocol and Profile
*SAMLv2.0 HTTP POST "SimpleSign" Binding

Committee needs to approve new drafts after adding conformance  
clauses before public review on these.

3.3.2 Security Assertion Markup Language (SAML) V2.0 Technical Overview
Waiver on conformance as the doc is informational and not normative?

Brian communicated with TC Admin.
Committee Draft is currently highest status that can be obtained.
No conformance clause necessary. Can choose to perform public review  
or not, but not same cycle as normative specification. OASIS is  
considering alternative approaches but this is not available yet.

Hal - we have pending edits. Should we update and then do public  
review or public review first?

Conor - public review would be good, but first do update
Others agree.
Conor - want implementers to review even if not direct target, also  
gives publicity.

General agreement to do update and then public review.

Eve asks whether any SSTC members would like to compare this SSTC  
technical overview with recent WS-Federation white paper.
http://msdn2.microsoft.com/en-us/library/bb498017.aspx

4 Other business

Eve notes Concordia and digital id world workshop - asks about  
attendance, that attendees contact Eve. Conor plans to attend.

Hal notes XML Security Workshop

"Position papers are due 14 August for the Workshop on Next Steps for  
XML Signature
and XML Encryption to be held 25-26 September in Mountain View,  
California, USA,
hosted by VeriSign. Attendees will discuss next steps for the XML  
Signature and XML
Encryption specifications and share their experiences implementing  
and developing
these standards. Topics may include interoperability and robustness,  
performance,
legal requirements for digital signature formats, and the impact of  
the evolving XML
environment. The Workshop is expected to give its recommendations to  
the XML Security
Specifications Maintenance Working Group. The Workshop is free free  
and open to all,
however, submission of position papers is required of all participants."

http://www.w3.org/2007/xmlsec/ws/cfp

5 Action Items

#0282: AuthnContextDecl and AuthnContextDeclRef Confusion
Owner: Eric Tiffany
Eric: No normative changes needed, but some guidance text might be  
useful.
Not clear where to put it. List discussion.

#0283: Change final arrows to solid in Tech Overview diagrams  
throughout.
In progress

#0286: Research the use of LDAP language tags
Owner: Bob Morgan
Bob: LDAP Attribute profile needs to be updated to fix schema and to  
preserve
attribute types and tags.
Scott: Suggested tagging options are not preserved and outside of  
profile.
Bob: Tags not used much. Language tags are used. Could be XML tags.
Scott: if tags used widely, then need to consider.
Might want to limit to language tags rather than general case.

Scott will update wiki for this document.

Scott will review language tag and offer proposal.

#0298: Prepare CS version of Metadata Profile for the OASIS Security
Assertion Markup Language (SAML) V1.x
Owner: Scott Cantor
Done, close.

#0299: Prepare CS version of Metadata Extension for SAML V2.0 and V1.x
Query Requesters
Owner: Tom Scavo
Done, close.

#0300: Double check w/OASIS admin that 2 metadata specs needn't conform
to the new document templates
Owner: Hal Lockhart
Done, close.

#0302: Find and distribute language around the conformance statement.
Owner: Hal Lockhart
Done, close.

#0303: Confirm that 'null' conformance clause is ok for Tech overview.
Owner: Brian Campbell
Done, close.

Next meeting 14 August.

Meeting Adjourned.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]