OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: (Amended) Minutes, SSTC Concall, Feb 26, 2008


Roll Call & Agenda Review

Voting Members:
Hal Lockhart      BEA Systems, Inc.
Rob Philpott     EMC Corporation
Scott Cantor     Internet2
Bob Morgan     Internet2
Eric Tiffany     Liberty Alliance Project
Tom Scavo     National Center for Supercomputing Applica...
Peter Davis     Neustar, Inc.
Jeff Hodges     Neustar, Inc.
Frederick Hirsch Nokia Corporation
Paul Madsen     NTT Corporation
Ari Kermaier     Oracle Corporation
Brian Campbell     Ping Identity Corporation
Anil Saldhana     Red Hat
Emily Xu     Sun Microsystems
Kent Spaulding     Tripod Technology Group, Inc.
David Staggs     Veterans Health Administration

Members: None
Observers: None

16 out of 21 Voting Members - Quorum Achieved

Membership Status Change
Lost Voting Status - Abbie Barbir(Nortel), Eve Maler (Sun) and Charles 
Knouse (HP)


Frederick Hirsch suggested that during roll call if any observers are 
present they be reminded that they should not speak during the meeting 
and should consider becoming members.
(See observer definition,  item v,  in 
http://www.oasis-open.org/committees/process.php#definitions)


Need a volunteer to take minutes
Anil Saldhana

1. Approve minutes from Feb 12, 2008
http://lists.oasis-open.org/archives/security-services/200802/msg00009.html

Approved

Administrative:
Hal talks about Oasis IDTrust Steering Committee sponsored IDTrust08 
workshop at NIST.
    - TC members (SAML and XACML) speaking at the conference.
    - The chairs have received a preview proposal from Internet2 on SSO 
profile using TLS (Order of Key).

3. Document Status

3.1 Five specs finished public review and are [slowly] on their way to CS

No public comment during review but some necessary minor changes

* SAMLv2.0 HTTP POST "SimpleSign" Binding
- Had/has broken references

*Identity Provider Discovery Service Protocol and Profile
?

* SAML V2.0 Attribute Sharing Profile for X.509 Authentication-Based Systems
?

* SAML V2.0 Deployment Profiles for X.509 Subjects
- Needs a minor change to the terminology previously introduced in the
conformance section

* SAML V2.0 LDAP/X.500 Attribute Profile
- Need to add Mark Wahl as a contributor.


Brian: Not much public comment. Need some necessary minor changes.
Brian: Not aware of any issues associated with some profiles; hence 
marked as ?
        -- Need to move these drafts into community drafts.
        -- Mark Wahl needs to be added in the appendix.
        -- Next week, we need to have a CD vote.

Hal: We can do the voting as a batch.

Tom: Is there a need for fresh uploads of these documents?
Hal: If there are no changes, then they can be left as committee drafts.



3.2 Technical Overview
http://www.oasis-open.org/committees/download.php/25411/sstc-saml-tech-overview-2.0-draft-14.pdf

Much discussion:
http://lists.oasis-open.org/archives/security-services/200802/msg00005.html
+ msgs 12-26
Where do we stand?

Brian: No clear agreement/disagreement.
Tom: No changes have been yet made.
     -- I will incorporate Frederick's comments.


3.3 Subject-based Profiles for SAML V1.1 Assertions
http://lists.oasis-open.org/archives/security-services/200801/msg00003.html
and definition of "strongly matches"
http://lists.oasis-open.org/archives/security-services/200801/msg00025.html
[still] Awaiting further discussion.

Brian: Things have been pretty much silent.  Very little discussion 
happened.
Tom: Uploaded Draft 2 this morning.
      -- Two changes - motivating text in introduction and definition of 
strongly matches.
      -- Close to completion.
 From Tom's email:
http://www.oasis-open.org/apps/org/workgroup/security/download.php/27337/sstc-saml1-profiles-assertion-subject-draft-02.pdf
http://www.oasis-open.org/apps/org/workgroup/security/download.php/27338/sstc-saml1-profiles-assertion-subject-draft-02-diff.pdf


"I added some motivating text to the Introduction (along the lines of
what Brian asked about) and added a working definition of "strongly
matches" in section 2.5.  Much of the remaining profile depends on
this definition, so if you're okay with that (as Scott pointed out),
then the rest of the profile follows easily."

Brian: Encourage everyone to take a look.


4 Errata

4.1 (AI#311) Additions/Adjustments to PE65 Second-level StatusCode

http://lists.oasis-open.org/archives/security-services/200802/msg00027.html

Abbie is handling this.
**Scott has volunteered to maintain the errata document.**


5 Other business

Silence.


6 Action Items (Report created 25 February 2008 04:28pm EST)

#0323: Make errata on orig spec with correct reference in place of
draft-mealling-uuid-urn-05.txt
Owner: Jeff Hodges
Status: Open
Assigned: 2008-02-11
Due: 2008-03-11

Scott will take care of this.  Reassigned to Scott.


#0311: Propose specific document changes required for PE-65
Owner: Scott Cantor
Status: Open
Assigned: 2007-10-23
Due: 2008-03-11


Call Adjourned


Remarks:
[1] The minutes was amended to replace the name of the person who 
suggested the reminder to Observers about participation in the meeting, 
from Scott Cantor to Frederick Hirsch (Nokia).


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]