OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [security-services] Minutes for the SSTC meeting on August 14, 2007 (Correction)


Correction to section 3.1.1 

Hal

> -----Original Message-----
> From: Anderson, Steve [mailto:Steve_Anderson@BMC.com]
> Sent: Tuesday, August 14, 2007 1:16 PM
> To: security-services@lists.oasis-open.org
> Subject: RE: [security-services] Minutes for the SSTC meeting on
August
> 14, 2007 [DRAFT]
> 
> With attendance data
> --
> Steve Anderson
> BMC Software
> 
> ________________________________
> 
> From: Anil Saldhana [mailto:Anil.Saldhana@redhat.com]
> Sent: Tue 8/14/2007 1:11 PM
> To: security-services@lists.oasis-open.org
> Subject: [security-services] Minutes for the SSTC meeting on August
14,
> 2007 [DRAFT]
> 
> 
> 
> Proposed Agenda SSTC Concall, August 14, 2007
> 
> Dial in info: +1 865 673 6950
> Access code: 270-9441#
> 
> Roll Call & Agenda Review
> Attendance of Voting Members
> 
>   Steve Anderson BMC Software
>   Abbie Barbir Nortel
>   Jeff Bohren BMC Software
>   Brian Campbell Ping Identity
>   Scott Cantor Internet2
>   Peter Davis NeuStar
>   George Fletcher AOL
>   Frederick Hirsch Nokia
>   Hal Lockhart BEA Systems, Inc
>   Eve Maler Sun Microsystems
>   Prateek Mishra Oracle
>   Anthony Nadalin IBM
>   Rob Philpott EMC Corporation
>   Anil Saldhana Red Hat
>   Tom Scavo National Center for Supercomputing Applications
>   David Staggs Veteran's Health Admin
>   Lakshmi Thiyagarajan Hewlett-Packard Company
>   Eric Tiffany IEEE Industry Standards
>   Emily Xu Sun Microsystems
> 
> 
> Attendance of Non-Voting Members
> 
>   Bob Morgan Internet2
>   Kent Spaulding Tripod Technology Group
> 
> 
> Attendance of Observers
> 
>   Giles Hogbe ENISA
> 
> 
> Membership Status Changes
> 
>   Anthony Nadalin IBM - Granted voting status after 7/17/2007 call
>   Jeff Hodges NeuStar - Lost voting status after 7/31/2007 call
>   Lakshmi Thiyagarajan Hewlett-Packard Company - Granted voting status
> after 7/31/2007 call
>   Sarma Pisapati EDS - Granted membership 8/6/2007
>   Richard Sand Tripod Technology - Group Member account deactivated
> 8/9/2007
>   Emily Xu Sun Microsystems - Returned from LOA before 8/14/2007 call
>   Ari Kermaier Oracle - Lost voting status after 8/14/2007 call
>   Bob Morgan Internet2 - Granted voting status after 8/14/2007 call
> 
> 
> 19 out of 22 voting members present, have quorum. Quorum was achieved
> 
> 
> We need a volunteer to take minutes.
> Anil Saldhana, Red Hat
> 
> 
> 1. Approve minutes from July 31
> http://lists.oasis-open.org/archives/security-
> services/200708/msg00006.html
> 
> Approved
> 
> 
> 2. Administrative
> 
> 2.1 News: E-Authentication now supports SAML V2.0
> http://lists.oasis-open.org/archives/security-
> services/200708/msg00010.html
> Paul has updated the SSTC home page
> 
> 2.2 Liberty Interoperability Testing coming up
> 
> - Eric:
> * Registration information can be found on the liberty website.
> * Still not public yet.
> * Planning on a SAML interop workshop focusing on eGovernment. Sept
17-21.
> * IEEE Head Quarters at Piscataway, NJ
> 
> 2.3 SAML Auth Contexts extension work
>
http://wiki.enisa.europa.eu/index.php?title=Authentication_Interoperabil
it
> y
> 
> * Guest invited (Giles) from ENISA to discuss some informal work done
on
> AuthContext extension.
> * Giles-
>   - collecting use cases on the wiki.
>   - feels that it is relevant to the SAML standard.
>   - Tokens issued from a government standard.
>   - some way of abstracting info for easier understanding by users.
>   - Privacy features of Authentication Token.
>   - Reputation needs to be associated with authentication.
>     -- E-Reputation an important aspect of authentication (Electonic
> Passwords/ID Cards)
> 
> * TC Questions:
>   - Evidence that authentication context is used for Trust?
>   - Some work going on in ITU Identity Group.
>   - Scope of work for the TC.
>     -- Either work with TC to standardize or develop it as a third
party.
>     -- Giles wants to standardize it via the TC.
>   - Apart from the privacy(which is orthogonal), every other aspect
> seems to fit in the AuthContext work.
>   - Privacy may be better handled in the authorization context
language
> such as XACML TC.
>   - The type of credential used for authentication has a privacy
aspect
> which is in scope for this TC.
> 
> Conclusion:
> Draw up a proposal and the TC can have a chartered discussion.
> Next step from Giles is to create some requirements from SAML
> AuthenticationContext.
> 
> 
> 2.4 Metadata and DNSSEC
> http://www.oasis-open.org/archives/saml-dev/200708/msg00001.html
> and
> http://www.oasis-open.org/archives/saml-dev/200708/msg00002.html
> 
> Conclusion: Normative change needed if there was a direct reference.
If
> not, no change.
> 
> * General question from Bob Morgan about possible intersection between
> SAML and Kerberos (after
> a recent topic from IETF)
> 
> 
> 3. Document Status
> 
> 3.1 Docs on their way to Oasis Standard
> 3.1.1 Metadata Profile for the OASIS Security Assertion Markup
Language
> (SAML) V1.x
> CS Version now done
> OASIS admin notified 8/13
> 
> Conclusion:
> - Mary has not reviewed them yet.
> - Will be a Oasis standard in a week or two

This should read:

A vote to submit these as OASIS Standards will begin in a week or so.

> 
> 3.1.2 Metadata Extension for SAML V2.0 and V1.x Query Requesters
> CS Version now done
> OASIS admin notified 8/13
> 
> Conclusion:
> - Same as 3.1.1
> 
> 3.2 SAML V2.0 Errata
> Public Review ended 31 July 2007
> SSTC home page has been updated.  Next steps?
> 
> Conclusion:
> - Since there have been zero public comments, we will need one more TC
> vote before taking it public.
> - Hal motioned for acceptance of Errata Document. Eve seconded the
motion.
> - Unanimous Consent - APPROVED
> 
> 3.3 Docs pending public review
> 2.3.1 Documents needing conformance clauses
> *SAML V2.0 Attribute Sharing Profile for X.509 Authentication-Based
> Systems (Tom maybe has done this)
> *SAML V2.0 Deployment Profiles for X.509 Subjects (also Tom)
> 
> Conclusion:  Tom has uploaded the docs last week to Kavi.
> 
> *Identity Provider Discovery Service Protocol and Profile
> *SAMLv2.0 HTTP POST "SimpleSign" Binding
> 
> Conclusion: TC members to review the conformance clauses (2 weeks
time)
> before public review.
> 
> Eve's question: Orderly expiration of certs in metadata?
> * Eve will ask for an email to be sent before the next meeting.
> * Will need to be put on the next meeting's agenda
> 
> 
> 4 Other business
> 
> 5 Action Items (as of 13 August 2007 05:30pm EDT)
> 
> #0286: Research the use of LDAP language tags
> Owner: Bob Morgan
> Status: Open
> Assigned: 2007-04-11
> Due: 2007-04-24
> 
> Conclusion: Bob is ready to close it.
> 
> #0283: Change final arrows to solid in Tech Overview diagrams
throughout.
> Owner: Paul Madsen
> Status: Open
> Assigned: 2007-03-27
> Due: ---
> 
> Conclusion: Paul absent.
> 
> #0282: AuthnContextDecl and AuthnContextDeclRef Confusion
> Owner: Eric Tiffany
> Status: Open
> Assigned: 2007-03-27
> Due: ---
> 
> Conclusion: Leave it open to figure out where the explanatory text
goes.
> 
> 
> 
> 
> --
> Anil Saldhana
> Project/Technical Lead,
> JBoss Security & Identity Management
> JBoss, A division of Red Hat Inc.
> http://labs.jboss.com/portal/jbosssecurity/
> 



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]