OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [security-services] Draft minutes, 15 January 2008


With attendance data...
--
Steve Anderson
BMC Software

-----Original Message-----
From: Frederick Hirsch [mailto:Frederick.Hirsch@nokia.com] 
Sent: Tuesday, January 15, 2008 12:43 PM
To: OASIS SSTC
Cc: Frederick Hirsch
Subject: [security-services] Draft minutes, 15 January 2008

Please review these draft minutes from SSTC teleconference, 15  
January 2008.

regards, Frederick

Frederick Hirsch
Nokia

Draft Minutes
SSTC Concall, Jan 15, 2008
Frederick Hirsch took minutes

Roll Call & Agenda Review
Attendance of Voting Members

  Steve Anderson BMC Software
  Brian Campbell Ping Identity
  Scott Cantor Internet2
  Peter Davis NeuStar
  Jeff Hodges NeuStar
  Ari Kermaier Oracle
  Hal Lockhart BEA Systems, Inc
  Paul Madsen NTT Corporation
  Eve Maler Sun Microsystems
  Bob Morgan Internet2
  Anil Saldhana Red Hat
  Tom Scavo National Center for Supercomputing Applications
  Kent Spaulding Tripod Technology Group
  Eric Tiffany Liberty Alliance Project
  Emily Xu Sun Microsystems


Attendance of Non-Voting Members

  Frederick Hirsch Nokia
  Rob Philpott EMC Corporation


Membership Status Changes
  
  Frederick Hirsch Nokia - Granted voting status after 1/15/2008 call
  Rob Philpott EMC Corporation - Granted voting status after 1/15/2008
call
  Anthony Nadalin IBM - Lost voting status after 1/15/2008 call

Quorum achieved, 15/20 voting members.

1. Approve minutes from Dec 18, 2007
http://lists.oasis-open.org/archives/security-services/200712/ 
msg00059.html

Minutes approved unanimously.

2. Administrative

Hal: Brian and Hal received note from Giles, waiting for final  
version of spec before proceeding with authentication context profile  
in a few weeks.

Hal: Jeff Bohren resigning as chair of provisioning TC. What does  
this mean for status of provisioning specification?
( http://www.oasis-open.org/apps/org/workgroup/provision/email/ 
archives/200801/msg00005.html )

Hal: Need champion for that specification in order for it to make  
progress.

2a. SAML XML.org Focus Area

Suggestions from Carol Geyer
http://lists.oasis-open.org/archives/security-services/200712/ 
msg00068.html

Requests to list products and services in the SAML XML.org product  
directory
http://lists.oasis-open.org/archives/security-services/200801/ 
msg00000.html

3. Document Status

3.1 Public Review of Five specifications started on December 11th.
http://lists.oasis-open.org/archives/security-services/200712/ 
msg00040.html

Review is continuing. No discussion on this call.

3.2 Errata

Errata: SAML2 Attribute Profiles
http://lists.oasis-open.org/archives/security-services/200801/ 
msg00001.html

Tom described two items.

First,  broken URL in SAML 2 Profiles document. Need to determine  
alternative.
Scott Cantor - was an internet draft that expired. Need to follow up  
for IETF status.
Hal Lockhart - need to contact area director

ACTION: Jeff Hodges offers to review issue and determine appropriate  
RFC to reference by the next call.

Second, questions regarding attribute profile in SAML 2 Profiles  
document
Tom noted that Scott answered this in email.

Acknowledgment for Mark Wahl
http://lists.oasis-open.org/archives/security-services/200801/ 
msg00002.html

Scott Cantor noted that SAML V2.0 X.500/LDAP Attribute Profile  
document lost informal contributors acknowledgments which switching  
to the OASIS template.

Hal asked if there are any IPR issues associated with this, only if  
any contributions made inappropriately.
Tom - was public comment
Hal so ok according to process.

ACTION: Hal to check with Mark if any concern with making an  
acknowledgment and to verify affiliation.

3.3 Subject-based Profiles for SAML V1.1 Assertions

http://lists.oasis-open.org/archives/security-services/200801/ 
msg00003.html

One document with two profiles. Profile of SAML 1.1 Subject Element,  
one of SAML 1.1 assertion.

Goal - give guidance to deployments that support both SAML 1.1 and  
SAML 2.0 simultaneously. Document restrictions on SAML 1.1 assertions  
so make them semantically equivalent to SAML 2.0 assertions.

Subject profile: a) name qualifier, b) subject confirmation, c)   
strongly matches (impacts assertion profile).

This may need revision, please comment.

Assertion profile: SAML 2 has one Subject element as child of  
assertion, SAML 1.1 has multiple subjects.
Profile attempts to rationalize this by requiring that every  
statement in SAML 1.1 assertion have an equivalent Subject element.  
Use notion of Very Strongly Match, based on Strongly Match to equate  
Subject elements.

Hal - isn't matching algorithm more lenient than Strong Match, so  
name it differently than Very Strongly Match?
Tom - order of operands to match matters,  so named correctly.
Goal is to have subject elements in SAML 1.1 assertion to be the same.

Eve - this seems useful, may be a Concordia use case.

Hal suggests posting a link to this draft to the Concordia mailing list.

4 Other business

Eve - Status of technical overview?

Paul Madsen - believe it is stable and ready for approval.

Hal - Please review tech overview before next meeting (in two weeks)  
where we will vote to bring to CD status. May also agree to have  
public review

5 Action Items (Report created 14 January 2008 10:28pm EST)

#0283: Change final arrows to solid in Tech Overview diagrams  
throughout.
Owner: Paul Madsen
Note: Action #283 should be closed
http://lists.oasis-open.org/archives/security-services/200712/ 
msg00062.html
Closed

#0311: Propose specific document changes required for PE-65
Owner: Scott Cantor
Remain Open

#0316: Take a look at the red line versions of erratum docs
Owner: Abbie Barbir
Status: Open

#0319: Check with Paul on the status of issue #0283 (tech overview)
Owner: Eve Maler
Closed

Next call 29 January.

Adjourned






---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail.  You may a link to this group and all your TCs in
OASIS
at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php 



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]