Subject: Minutes (with attendance) for 08/28/2007 call
>
> Proposed Agenda SSTC Concall, August 28, 2007
>
> Dial in info: +1 865 673 6950
> Access code: 270-9441#
>
> Roll Call & Agenda Review

17/23 voting members present, quorum achieved

Attendance of Voting Members

  Steve Anderson, BMC Software
  Abbie Barbir, Nortel
  Brian Campbell, Ping Identity
  Carolina Canales-Valenzuela, Ericsson
  Scott Cantor, Internet2
  Frederick Hirsch, Nokia
  Hal Lockhart, BEA Systems, Inc
  Paul Madsen, NTT Corporation
  Bob Morgan, Internet2
  Anthony Nadalin, IBM
  Rob Philpott, EMC Corporation
  Anil Saldhana, Red Hat
  Tom Scavo, National Center for Supercomputing Applications
  David Staggs, Veteran's Health Admin
  Lakshmi Thiyagarajan, Hewlett-Packard Company
  Eric Tiffany, IEEE Industry Standards
  Emily Xu, Sun Microsystems

Attendance of Non-Voting Members

  Jeff Hodges, NeuStar
  Ari Kermaier, Oracle
  RJ Schlecht, MISMO
  Kent Spaulding, Tripod Technology Group

Membership Status Changes

  Nick Pope, Thales eSecurity Ltd. - Member account deactivated 8/20/2007
  RJ Schlecht, MISMO - Granted membership 8/27/2008
  Kent Spaulding, Tripod Technology Group - Granted voting status after 8/28/2008 call
  Conor P. Cahill, Intel - Lost voting status after 8/28/2007 call

>
> Paul volunteered to take minutes previously but was unable to take them
> last time.)

Paul will minute

>
> 1. Approve minutes from August 14 (corrected)
> http://lists.oasis-open.org/archives/security-services/200708/msg00037.html

Hal noticed slight error in minutes, docs aren't becoming OASIS standards, rather the ballot to submit them will happen soon
Approved

>
>
> 2. Administrative
>
> 2.1 Liberty Alliance F2F Interoperability Workshop September 19-21, 2007
> http://lists.oasis-open.org/archives/security-services/200708/msg00032.html

Announcement posted to list
Eric encourages people to come discuss IOP profiles, follow link on above message

2.2 Additional matter

Carol Geyer found a reference to ANSI endorsing SAML for US eGov authentication? Anybody have any insight

>
> 3. Document Status
>
> 3.1 Docs on their way to OS
> 3.1.1 Metadata Profile for the OASIS Security Assertion Markup Language
> (SAML) V1.x
> 3.1.2 Metadata Extension for SAML V2.0 and V1.x Query Requesters
>
> Ballot held up awaiting clarification of IPR issues relating to
> NCSA/GridShib statement of use. No problem seen.
>
> Ballot will start in the next day or so. Please vote.
>

Nothing to do with IP. Original concern was whether or not attestation statement from GridShib was OK, issue resolved
Hal was expecting ballot to have already started, will be soon
Need majority of voting members, please vote

>
> 3.2 Docs pending public review
>
>
> *SAML V2.0 Attribute Sharing Profile for X.509 Authentication-Based
> Systems
> *SAML V2.0 Deployment Profiles for X.509 Subjects
> *Identity Provider Discovery Service Protocol and Profile
> *SAMLv2.0 HTTP POST "SimpleSign" Binding
>
> TC was to review conformance clauses. Vote to CD and Public Review (15
> day) now in order.

Conformance sections added as per OASIS requirements.
Rob asks which docs are we talking about, Hal points to 4 docs above
Tom asks for clarification as to 15 day review vs 60. Not all docs have gone through first review
Scott not sure he has actually added Conformance Clause to "Identity Provider Discovery Service Protocol and Profile".
Tom says it is there, "Identity Provider Discovery Service Protocol and Profile" & "SAML V2.0 Deployment Profiles for X.509 Subjects" have not gone through review yet, they will need 60 day review
Rob confirms that CD vote & public review require full majority
Scott moves that all 4 docs be moved to CD, Abbie seconds
No objections, unanimous consent
Rob moves "SAML V2.0 Attribute Sharing Profile for X.509 Authentication-Based Systems" & "SAMLv2.0 HTTP POST "SimpleSign" Binding" to 15 day PR, Abbie seconds
Tom moves "Identity Provider Discovery Service Protocol and Profile" & "SAML V2.0 Deployment Profiles for X.509 Subjects" to 60 day PR, Abbie seconds
No objections, unanimous consent
All docs must be updated to reflect CD status as of today
AI: Editors to update docs to CD
Tom clarifies that his 2 docs erroneously labelled as CD, what to do? Leave number the same, but replace in Kavi

>
> 4 Discussions
>
> 4.1 SAML metadata lifecycle issues
> http://lists.oasis-open.org/archives/security-services/200708/msg00031.html

Eve started the thread, Eve not present.
Emily from Sun explains that Sun customers were asking what happens when keys in metadata expire or need to change. How to notify SPs that metadata needs to be updated? What if SPs can't update? etc. It's not just about keys, also end points etc. Sun has two proposals, reactive & proactive. Sun looking for SSTC guidance.
Scott agrees we need improved material & product support - disagrees with some pieces of original Sun proposal
Scott would favour reduced emphasis on PKI & certs within metadata. Agrees that work is relevant, but scope of work may lie beyond SSTC as convergence across identity systems may happen around metadata. Current model is static & manual. Difficult to drive real deployments whenever happens out of band.
Emily agrees.
Hal suggests two kinds of issues,
1) about the contents of metadata, i.e. not publish specific keys, rather trust root. Scott says not possible (try encryption :-)) Ari agrees
2) how to handle ongoing updates, Scott likes proactive model vs reactive.
Hal asks way forward.
Scott willing to participate, will create list of topics, then we can categorize them
RL Bob mentions possibility of conformance. Rob is cautious, in enterprise environments, metadata not used past import. Wouldn't want conformance to stipulate requirements for update etc.
Scott suggests profiles as way around the issue
AI: Scott will work on possible errata for multiple key descriptors in metadata
Scott adds that some issues may overlap with those likely to be discussed in the XML Signature Workshop. Implementors may want to find out about workshop

>
>
> 4.2 Proposal for extensions to Authentication Context
> http://lists.oasis-open.org/archives/security-services/200708/msg00038.html

Hal posted email from Giles, update is that there is agreement that some work should happen in SSTC. Giles is working on membership mechanisms. Hal has had some discussions already with Giles.
Hal encourages people to read Wiki page.

>
> 5 Other business

Jiles not Giles :-)

>
> 6 Action Items
>
> #0283: Change final arrows to solid in Tech Overview diagrams
> throughout.
> Owner: Paul Madsen
> Status: Open
> Assigned: 2007-03-27
> Due: --- open
>
> #0304: Incorporate appropriate use of LDAP language tags in new LDAP
> attr profile
> Owner: Scott Cantor
> Status: Open
> Assigned: 2007-08-23
> Due: --- open
>
> #0305: Prepare final version(s) of the SAML v2.0 Errata document
> Owner: Abbie Barbir
> Status: Open
> Assigned: 2007-08-23
> Due: --- open

--
Paul Madsen
NTT
e:paulmadsen @ ntt-at.com
p:613-482-0432
m:613-302-1428
aim:PaulMdsn5
web:connectid.blogspot.com