[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Minutes for the SSTC meeting on August 14, 2007 (Correction)
Correction to section 3.1.1 Hal > -----Original Message----- > From: Anderson, Steve [mailto:Steve_Anderson@BMC.com] > Sent: Tuesday, August 14, 2007 1:16 PM > To: security-services@lists.oasis-open.org > Subject: RE: [security-services] Minutes for the SSTC meeting on August > 14, 2007 [DRAFT] > > With attendance data > -- > Steve Anderson > BMC Software > > ________________________________ > > From: Anil Saldhana [mailto:Anil.Saldhana@redhat.com] > Sent: Tue 8/14/2007 1:11 PM > To: security-services@lists.oasis-open.org > Subject: [security-services] Minutes for the SSTC meeting on August 14, > 2007 [DRAFT] > > > > Proposed Agenda SSTC Concall, August 14, 2007 > > Dial in info: +1 865 673 6950 > Access code: 270-9441# > > Roll Call & Agenda Review > Attendance of Voting Members > > Steve Anderson BMC Software > Abbie Barbir Nortel > Jeff Bohren BMC Software > Brian Campbell Ping Identity > Scott Cantor Internet2 > Peter Davis NeuStar > George Fletcher AOL > Frederick Hirsch Nokia > Hal Lockhart BEA Systems, Inc > Eve Maler Sun Microsystems > Prateek Mishra Oracle > Anthony Nadalin IBM > Rob Philpott EMC Corporation > Anil Saldhana Red Hat > Tom Scavo National Center for Supercomputing Applications > David Staggs Veteran's Health Admin > Lakshmi Thiyagarajan Hewlett-Packard Company > Eric Tiffany IEEE Industry Standards > Emily Xu Sun Microsystems > > > Attendance of Non-Voting Members > > Bob Morgan Internet2 > Kent Spaulding Tripod Technology Group > > > Attendance of Observers > > Giles Hogbe ENISA > > > Membership Status Changes > > Anthony Nadalin IBM - Granted voting status after 7/17/2007 call > Jeff Hodges NeuStar - Lost voting status after 7/31/2007 call > Lakshmi Thiyagarajan Hewlett-Packard Company - Granted voting status > after 7/31/2007 call > Sarma Pisapati EDS - Granted membership 8/6/2007 > Richard Sand Tripod Technology - Group Member account deactivated > 8/9/2007 > Emily Xu Sun Microsystems - Returned from LOA before 8/14/2007 call > Ari Kermaier Oracle - Lost voting status after 8/14/2007 call > Bob Morgan Internet2 - Granted voting status after 8/14/2007 call > > > 19 out of 22 voting members present, have quorum. Quorum was achieved > > > We need a volunteer to take minutes. > Anil Saldhana, Red Hat > > > 1. Approve minutes from July 31 > http://lists.oasis-open.org/archives/security- > services/200708/msg00006.html > > Approved > > > 2. Administrative > > 2.1 News: E-Authentication now supports SAML V2.0 > http://lists.oasis-open.org/archives/security- > services/200708/msg00010.html > Paul has updated the SSTC home page > > 2.2 Liberty Interoperability Testing coming up > > - Eric: > * Registration information can be found on the liberty website. > * Still not public yet. > * Planning on a SAML interop workshop focusing on eGovernment. Sept 17-21. > * IEEE Head Quarters at Piscataway, NJ > > 2.3 SAML Auth Contexts extension work > http://wiki.enisa.europa.eu/index.php?title=Authentication_Interoperabil it > y > > * Guest invited (Giles) from ENISA to discuss some informal work done on > AuthContext extension. > * Giles- > - collecting use cases on the wiki. > - feels that it is relevant to the SAML standard. > - Tokens issued from a government standard. > - some way of abstracting info for easier understanding by users. > - Privacy features of Authentication Token. > - Reputation needs to be associated with authentication. > -- E-Reputation an important aspect of authentication (Electonic > Passwords/ID Cards) > > * TC Questions: > - Evidence that authentication context is used for Trust? > - Some work going on in ITU Identity Group. > - Scope of work for the TC. > -- Either work with TC to standardize or develop it as a third party. > -- Giles wants to standardize it via the TC. > - Apart from the privacy(which is orthogonal), every other aspect > seems to fit in the AuthContext work. > - Privacy may be better handled in the authorization context language > such as XACML TC. > - The type of credential used for authentication has a privacy aspect > which is in scope for this TC. > > Conclusion: > Draw up a proposal and the TC can have a chartered discussion. > Next step from Giles is to create some requirements from SAML > AuthenticationContext. > > > 2.4 Metadata and DNSSEC > http://www.oasis-open.org/archives/saml-dev/200708/msg00001.html > and > http://www.oasis-open.org/archives/saml-dev/200708/msg00002.html > > Conclusion: Normative change needed if there was a direct reference. If > not, no change. > > * General question from Bob Morgan about possible intersection between > SAML and Kerberos (after > a recent topic from IETF) > > > 3. Document Status > > 3.1 Docs on their way to Oasis Standard > 3.1.1 Metadata Profile for the OASIS Security Assertion Markup Language > (SAML) V1.x > CS Version now done > OASIS admin notified 8/13 > > Conclusion: > - Mary has not reviewed them yet. > - Will be a Oasis standard in a week or two This should read: A vote to submit these as OASIS Standards will begin in a week or so. > > 3.1.2 Metadata Extension for SAML V2.0 and V1.x Query Requesters > CS Version now done > OASIS admin notified 8/13 > > Conclusion: > - Same as 3.1.1 > > 3.2 SAML V2.0 Errata > Public Review ended 31 July 2007 > SSTC home page has been updated. Next steps? > > Conclusion: > - Since there have been zero public comments, we will need one more TC > vote before taking it public. > - Hal motioned for acceptance of Errata Document. Eve seconded the motion. > - Unanimous Consent - APPROVED > > 3.3 Docs pending public review > 2.3.1 Documents needing conformance clauses > *SAML V2.0 Attribute Sharing Profile for X.509 Authentication-Based > Systems (Tom maybe has done this) > *SAML V2.0 Deployment Profiles for X.509 Subjects (also Tom) > > Conclusion: Tom has uploaded the docs last week to Kavi. > > *Identity Provider Discovery Service Protocol and Profile > *SAMLv2.0 HTTP POST "SimpleSign" Binding > > Conclusion: TC members to review the conformance clauses (2 weeks time) > before public review. > > Eve's question: Orderly expiration of certs in metadata? > * Eve will ask for an email to be sent before the next meeting. > * Will need to be put on the next meeting's agenda > > > 4 Other business > > 5 Action Items (as of 13 August 2007 05:30pm EDT) > > #0286: Research the use of LDAP language tags > Owner: Bob Morgan > Status: Open > Assigned: 2007-04-11 > Due: 2007-04-24 > > Conclusion: Bob is ready to close it. > > #0283: Change final arrows to solid in Tech Overview diagrams throughout. > Owner: Paul Madsen > Status: Open > Assigned: 2007-03-27 > Due: --- > > Conclusion: Paul absent. > > #0282: AuthnContextDecl and AuthnContextDeclRef Confusion > Owner: Eric Tiffany > Status: Open > Assigned: 2007-03-27 > Due: --- > > Conclusion: Leave it open to figure out where the explanatory text goes. > > > > > -- > Anil Saldhana > Project/Technical Lead, > JBoss Security & Identity Management > JBoss, A division of Red Hat Inc. > http://labs.jboss.com/portal/jbosssecurity/ >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]