Subject: RE: [security-services] Minutes for the SSTC meeting on August 14, 2007 [DRAFT]
With attendance data

--
Steve Anderson
BMC Software

________________________________
From: Anil Saldhana [mailto:Anil.Saldhana@redhat.com]
Sent: Tue 8/14/2007 1:11 PM
To: security-services@lists.oasis-open.org
Subject: [security-services] Minutes for the SSTC meeting on August 14, 2007 [DRAFT]

Proposed Agenda SSTC Concall, August 14, 2007
Dial in info: +1 865 673 6950
Access code: 270-9441#

Roll Call & Agenda Review

Attendance of Voting Members
  Steve Anderson BMC Software
  Abbie Barbir Nortel
  Jeff Bohren BMC Software
  Brian Campbell Ping Identity
  Scott Cantor Internet2
  Peter Davis NeuStar
  George Fletcher AOL
  Frederick Hirsch Nokia
  Hal Lockhart BEA Systems, Inc
  Eve Maler Sun Microsystems
  Prateek Mishra Oracle
  Anthony Nadalin IBM
  Rob Philpott EMC Corporation
  Anil Saldhana Red Hat
  Tom Scavo National Center for Supercomputing Applications
  David Staggs Veteran's Health Admin
  Lakshmi Thiyagarajan Hewlett-Packard Company
  Eric Tiffany IEEE Industry Standards
  Emily Xu Sun Microsystems

Attendance of Non-Voting Members
  Bob Morgan Internet2
  Kent Spaulding Tripod Technology Group

Attendance of Observers
  Giles Hogbe ENISA

Membership Status Changes
  Anthony Nadalin IBM - Granted voting status after 7/17/2007 call
  Jeff Hodges NeuStar - Lost voting status after 7/31/2007 call
  Lakshmi Thiyagarajan Hewlett-Packard Company - Granted voting status after 7/31/2007 call
  Sarma Pisapati EDS - Granted membership 8/6/2007
  Richard Sand Tripod Technology - Group Member account deactivated 8/9/2007
  Emily Xu Sun Microsystems - Returned from LOA before 8/14/2007 call
  Ari Kermaier Oracle - Lost voting status after 8/14/2007 call
  Bob Morgan Internet2 - Granted voting status after 8/14/2007 call

19 out of 22 voting members present, have quorum.
Quorum was achieved

We need a volunteer to take minutes.
  Anil Saldhana, Red Hat

1. Approve minutes from July 31
   http://lists.oasis-open.org/archives/security-services/200708/msg00006.html
   Approved

2. Administrative

2.1 News: E-Authentication now supports SAML V2.0
    http://lists.oasis-open.org/archives/security-services/200708/msg00010.html
    Paul has updated the SSTC home page

2.2 Liberty Interoperability Testing coming up - Eric:
    * Registration information can be found on the liberty website.
    * Still not public yet.
    * Planning on a SAML interop workshop focusing on eGovernment. Sept 17-21.
    * IEEE Head Quarters at Piscataway, NJ

2.3 SAML Auth Contexts extension work
    http://wiki.enisa.europa.eu/index.php?title=Authentication_Interoperability
    * Guest invited (Giles) from ENISA to discuss some informal work done on AuthContext extension.
    * Giles:
      - collecting use cases on the wiki.
      - feels that it is relevant to the SAML standard.
      - Tokens issued from a government standard.
      - some way of abstracting info for easier understanding by users.
      - Privacy features of Authentication Token.
      - Reputation needs to be associated with authentication.
        -- E-Reputation an important aspect of authentication (Electronic Passwords/ID Cards)
    * TC Questions:
      - Evidence that authentication context is used for Trust?
      - Some work going on in ITU Identity Group.
      - Scope of work for the TC.
        -- Either work with TC to standardize or develop it as a third party.
        -- Giles wants to standardize it via the TC.
      - Apart from the privacy (which is orthogonal), every other aspect seems to fit in the AuthContext work.
      - Privacy may be better handled in the authorization context language such as XACML TC.
      - The type of credential used for authentication has a privacy aspect which is in scope for this TC.
    Conclusion: Draw up a proposal and the TC can have a chartered discussion. Next step from Giles is to create some requirements from SAML AuthenticationContext.

2.4 Metadata and DNSSEC
    http://www.oasis-open.org/archives/saml-dev/200708/msg00001.html
    and
    http://www.oasis-open.org/archives/saml-dev/200708/msg00002.html
    Conclusion: Normative change needed if there was a direct reference. If not, no change.

    * General question from Bob Morgan about possible intersection between SAML and Kerberos (after a recent topic from IETF)

3. Document Status

3.1 Docs on their way to Oasis Standard

3.1.1 Metadata Profile for the OASIS Security Assertion Markup Language (SAML) V1.x
      CS Version now done
      OASIS admin notified 8/13
      Conclusion:
      - Mary has not reviewed them yet.
      - Will be an Oasis standard in a week or two

3.1.2 Metadata Extension for SAML V2.0 and V1.x Query Requesters
      CS Version now done
      OASIS admin notified 8/13
      Conclusion:
      - Same as 3.1.1

3.2 SAML V2.0 Errata
    Public Review ended 31 July 2007
    SSTC home page has been updated.
    Next steps?
    Conclusion:
    - Since there have been zero public comments, we will need one more TC vote before taking it public.
    - Hal motioned for acceptance of Errata Document. Eve seconded the motion.
    - Unanimous Consent - APPROVED

3.3 Docs pending public review

2.3.1 Documents needing conformance clauses
      * SAML V2.0 Attribute Sharing Profile for X.509 Authentication-Based Systems (Tom maybe has done this)
      * SAML V2.0 Deployment Profiles for X.509 Subjects (also Tom)
      Conclusion: Tom has uploaded the docs last week to Kavi.
      * Identity Provider Discovery Service Protocol and Profile
      * SAMLv2.0 HTTP POST "SimpleSign" Binding
      Conclusion: TC members to review the conformance clauses (2 weeks time) before public review.

Eve's question: Orderly expiration of certs in metadata?
    * Eve will ask for an email to be sent before the next meeting.
    * Will need to be put on the next meeting's agenda

4 Other business

5 Action Items (as of 13 August 2007 05:30pm EDT)

#0286: Research the use of LDAP language tags
       Owner: Bob Morgan
       Status: Open
       Assigned: 2007-04-11
       Due: 2007-04-24
       Conclusion: Bob is ready to close it.

#0283: Change final arrows to solid in Tech Overview diagrams throughout.
       Owner: Paul Madsen
       Status: Open
       Assigned: 2007-03-27
       Due: ---
       Conclusion: Paul absent.

#0282: AuthnContextDecl and AuthnContextDeclRef Confusion
       Owner: Eric Tiffany
       Status: Open
       Assigned: 2007-03-27
       Due: ---
       Conclusion: Leave it open to figure out where the explanatory text goes.

--
Anil Saldhana
Project/Technical Lead,
JBoss Security & Identity Management
JBoss, A division of Red Hat Inc.
http://labs.jboss.com/portal/jbosssecurity/