[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] Minutes, SSTC Concall, Feb 12, 2008 (WithAttendance Data)
Please ignore the "*" after some of the attendees. It is a result of the copy/paste, find/replace exercise from the Oasis website. Anil Saldhana wrote: > > > Tom Scavo wrote: >> On Feb 11, 2008 6:24 PM, Hal Lockhart <hlockhar@bea.com> wrote: >>> Proposed Agenda SSTC Concall, Feb 12, 2008 >>> >>> Dial in info: +1 865 673 6950 >>> Access code: 270-9441# >>> >>> Roll Call & Agenda Review > > Voting Members: > Hal Lockhart BEA Systems, Inc. > Rob Philpott EMC Corporation > Scott Cantor Internet2 > Bob Morgan Internet2 > Eric Tiffany Liberty Alliance Project > Tom Scavo National Center for Supercomputing Applica... > Frederick Hirsch Nokia Corporation* > Paul Madsen NTT Corporation* > Ari Kermaier Oracle Corporation > Brian Campbell Ping Identity Corporation* > Anil Saldhana Red Hat > Emily Xu Sun Microsystems > Kent Spaulding Tripod Technology Group, Inc. > David Staggs Veterans Health Administration > > Quorum Achieved: 14 out of 21 voting members. > > Non Voting Members: > George Fletcher AOL* > > Observer: > Sampo Kellomki Symlabs, S.A. > > Lost Voting Status: > Steve Anderson, BMC > > >> >> Anil took roll (for the first time!). >> >> Hall asked if there were any additions/corrections to the Agenda. >> There were none. >> >>> Need a volunteer to take minutes >> >> Tom Scavo volunteered. >> >>> 1. Approve minutes from Jan 29, 2008 >>> http://lists.oasis-open.org/archives/security-services/200802/msg00001.html >>> >> >> Minutes approved unanimously by SSTC. >> >>> 2. Administrative >>> >>> 2.1 SAML XML.org Focus Area >>> >>> Question posted >>> http://lists.oasis-open.org/archives/security-services/200802/msg00002.html >>> >> >> Encourage members to respond to questions on saml.xml.org. How does >> this compare to saml-dev mailing list? Should we bridge the two >> mailing lists somehow? >> >>> 3. Document Status >>> >>> 3.1 Public Review of Five specifications ended on February 9th >>> http://lists.oasis-open.org/archives/security-services/200712/msg00040.html >>> >>> >>> I can find no comments posted. Next Step? >> >> No public comments. Some internal comments. Another round of CDs is >> not necessary. Next step is Committee Specification? Can't vote >> until after 7 days. Do nothing until next meeting. >> >>> 3.2 Technical Overview >>> http://www.oasis-open.org/committees/download.php/25411/sstc-saml-tech-overview-2.0-draft-14.pdf >>> >>> >>> Ready for CD vote? >> >> The Tech Overview has been dormant since last fall. Brian recently >> posted some comments: >> >> http://www.oasis-open.org/archives/security-services/200802/msg00005.html >> >> Discussion regarding Brian's comments should be redirected to the >> mailing list. >> >> Frederick H. also has some comments. He will post them to the mailing >> list. >> >> Action regarding the Tech Overview is deferred until the next call. >> SSTC members are encouraged to read the document and provide feedback >> on the mailing list. >> >>> 3.3 Subject-based Profiles for SAML V1.1 Assertions >>> http://lists.oasis-open.org/archives/security-services/200801/msg00003.h >>> tml >>> and definition of "strongly matches" >>> http://lists.oasis-open.org/archives/security-services/200801/msg00025.h >>> tml >>> >>> Awaiting further discussion. >> >> No substantive discussion has occurred on the mailing list. Scott has >> read the document and is fine with it as long as other folks agree >> that it's okay to tweak some ambiguous definitions in the SAML V1.1 >> spec in the interest of interoperability? Prime example is >> SubjectConfirmation. As long as conformance to the Subject-based >> Profiles is optional, such alternative definitions should be okay. >> >> Hal suggested we let this document stand for the time being. No >> action will be taken today. >> >>> 4 Errata >>> >>> Errata: namespace prefix not defined in [SAML2Prof] >>> http://lists.oasis-open.org/archives/security-services/200802/msg00000.h >>> tml >> >> Moving forward, has Abby agreed to be responsible for errata? [Hal >> thinks so. Does Abby agree?] It would be good if all outstanding >> errata were summarized, perhaps on the mailing list. [Will Abby do >> this? Is this an Action Item?] >> >> Scott has a PE assigned to him, but not sure why. Will be discussed >> below. >> >>> 5 Other business >> >> SSTC observer Sampo Kellomki (Symlabs, S.A.) has a question. The SSTC >> has agreed to give informal advice to Sampo. >> >> Sampo: There are gaps in deployments, which SAML addresses. >> E-governments are developing local profiles. How do we identify these >> third-party profiles in SAML so that relying parties interpret the >> SAML appropriately? >> >> Scott: Identify the profiles, yes, but avoid the versioning problem. >> >> Rob: Specifying attributes in an AuthnRequesst bloats the request and >> makes it difficult to use the redirect binding, e.g. >> >> Hal: Don't we have attribute query that can be used in this case? >> >> Scott: One possibility is to write and propose an extension document. >> >> Hal: Better yet, begin with an e-mail that defines the problem and its >> proposed solution. If sufficient buy-in is not obtained in this >> manner, then by all means write a document. >> >> Sampo: Should I go through Liberty? (That's one possible avenue, but >> the consensus seems to be: no, it may be easier to go one of the >> routes suggested above.) >> >>> 6 Action Items (Report created 11 February 2008 06:20pm EST) >>> >>> #0311: Propose specific document changes required for PE-65 >>> Owner: Scott Cantor >>> Status: Open >>> Assigned: 2007-10-23 >>> Due: 2007-12-01 >> >> PE-65 involves documentation regarding second-level status codes. The >> specs should make it clear that second-level status codes are optional >> and consistent throughout. Scott doesn't know how he ended with that, >> perhaps the PE number wrong? >> >> After some discussion, Scott agreed to carry this AI forward in any >> event. >> >>> #0322: Bring Anil up to speed as secretary >>> Owner: Hal Lockhart >>> Status: Open >>> Assigned: 2008-01-29 >>> Due: 2008-02-10 >> >> Closed. >> >>> #0323: Make errata on orig spec with correct reference in place of >>> draft-mealling-uuid-urn-05.txt >>> Owner: Jeff Hodges >>> Status: Open >>> Assigned: 2008-02-11 >>> Due: --- >> >> JeffH not on the call. To provide actual errata text. This AI >> remains open. >> >>> #0324: Update doc with correct reference in place of >>> draft-mealling-uuid-urn-05.txt >>> Owner: Scott Cantor >>> Status: Open >>> Assigned: 2008-02-11 >>> Due: --- >> >> Closed (duplicate). >> >> Meeting adjourned. Next call in two weeks (Feb 26, 2008) >> >>> Hal >> >> Respectfully submitted, > Tom Scavo > NCSA
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]