Subject: Draft Minutes, SSTC teleconference, March 11, 2008
Minutes from SAML teleconference, 11 March 2008

Minute taker - Frederick Hirsch

> Roll Call & Agenda Review

Roll Call:-

Voting Members:
Hal Lockhart      BEA Systems, Inc.
Rob Philpott      EMC Corporation
Scott Cantor      Internet2
Bob Morgan        Internet2
Tom Scavo         National Center for Supercomputing Applications
Frederick Hirsch  Nokia Corporation
Ari Kermaier      Oracle Corporation
Anil Saldhana     Red Hat
David Staggs      Veterans Health Administration

Members:
Eve Maler            Sun Microsystems
Nathan Klingenstein  Internet2

Non-Voting Members:
None

9 out of 16 voting members (Quorum Achieved)

Hal Lockhart chaired.

> Need a volunteer to take minutes

Frederick Hirsch taking minutes

> 1. Approve minutes from Feb 26, 2008
> http://lists.oasis-open.org/archives/security-services/200803/msg00011.html

Approved unanimously.

> 2. Administrative
>
> 2.1 SAML XML.org: Call for Site Sponsors
> http://lists.oasis-open.org/archives/security-services/200803/msg00012.html

Note call for sponsors.

> 2.2 OASIS XACML InterOp Demo, RSA 2008, San Francisco, California,
> USA, April 7-11 2008
> http://lists.oasis-open.org/archives/security-services/200802/msg00065.html

Every day ongoing throughout event.

> 2.3 OASIS Symposium: Call for Proposals for the eGovernment
> Workshop oneID and Citizen-centric Administration
> http://lists.oasis-open.org/archives/security-services/200802/msg00059.html

Call for papers.

> 3. Document Status
>
> 3.1 Subject-based Profiles for SAML V1.1 Assertions (Draft-02)
> http://lists.oasis-open.org/archives/security-services/200802/msg00039.html

Tom Scavo posted new draft. Adds missing material, but not complete.
Needs conformance section. Please comment on list.

> 3.2 Five specs finished public review and are on their way to CS
>
> * SAMLv2.0 HTTP POST "SimpleSign" Binding
> http://lists.oasis-open.org/archives/security-services/200802/msg00062.html
>
> * Identity Provider Discovery Service Protocol and Profile
> (Is this unchanged?)

Scott: This was not changed since last fall.

> * SAML V2.0 Attribute Sharing Profile for X.509 Authentication-Based
> Systems
> http://lists.oasis-open.org/archives/security-services/200803/msg00004.html
>
> * SAML V2.0 Deployment Profiles for X.509 Subjects
> http://lists.oasis-open.org/archives/security-services/200802/msg00056.html
>
> * SAML V2.0 LDAP/X.500 Attribute Profile
> http://lists.oasis-open.org/archives/security-services/200802/msg00060.html
>
> Are we ready to vote these to CD?
> If so, are we ready to request a CS vote?

Frederick Hirsch moved to move these five documents to committee draft.
Tom Scavo seconded.
No objection, motion approved unanimously.

Tom Scavo moved to Request Administrator to hold committee specification vote.
Frederick Hirsch seconded.
Approved unanimously.

Hal requested editors to create Committee Draft versions of the
documents using today's date 11 March 2008, updating footers and title
page appropriately. Editors also to provide appropriate formats for
each document, including editable document, PDF and XHTML for each
specification.

> 3.3 Technical Overview
> http://lists.oasis-open.org/archives/security-services/200803/msg00009.html
> New draft posted.

Paul Madsen posted new version. Please review changes by next call.

> 3.4 Holder-of-Key Web Browser SSO Profile Draft
> http://lists.oasis-open.org/archives/security-services/200802/msg00051.html

Nathan Klingenstein introduced a new profile to combine benefits of
SAML and PKI, using TLS for key transport, and SAML for identity
information. He outlined benefits and the approach, described in the
document.

Hal - One potential issue with fingerprint is that there is no
specification for it, even though typically SHA-1. WSS states it
explicitly for this reason. Matching issuer and serial number leads to
DN matching, which may have issues.

Nathan - one goal is that SP need not understand contents of
certificate content, hence not issuer and serial number.

Hal - Thanks for submission. Please send comments to list.

> 4 Errata
>
> 4.1 Metadata Errata Items
> http://lists.oasis-open.org/archives/security-services/200802/msg00066.html

Status of errata

Scott - Cleaned up errata document, e.g. removed duplicates in errata
document, as well as removing proposed errata that have been closed.
Two errata remain open from previously, and 2nd level status code and
metadata are two new errata.

Two to vote on.
PE65
PE66

Link to errata document notice
http://www.oasis-open.org/apps/org/workgroup/security/email/archives/200802/msg00068.html

Link to errata document
http://www.oasis-open.org/apps/org/workgroup/security/download.php/27435/sstc-saml-errata-2.0-draft-42.pdf
see line 1186, page 35

motion to approve PE65, Scott moved, Rob seconded
Approved unanimously

motion to approve PE66, Scott moved, Rob seconded
Approved unanimously

Hal - Scott please move these from proposed errata to errata.

PE67, 68, 69 are on the list

Rob - Scott please update PE67 for when element is present. Will also
cover other elements.

Hal - please look at spec for possible exceptions

PE68, raised some time ago.
multiple <KeyDescriptor>
any of the included keys may be used

Motion to accept PE68 as errata item. Scott moved, Rob seconded
No objection, approved unanimously

PE69
Additional work, possibly profile proposal from Scott.
e.g. might want self-signed cert to send key rather than bare key, but
may not want to require cert trust processing, etc.

Motion to accept PE68 as errata item. Scott moved, Rob seconded
No objection, approved unanimously

Scott will update errata document.

> 5 Other business

None

> 6 Action Items
>
> #0323: Make errata on orig spec with correct reference in place of
> draft-mealling-uuid-urn-05.txt
> Owner: Scott Cantor
> Status: Open

Still open.

> Assigned: 2008-02-11
> Due: 2008-03-11

next call is 25 March.

regards, Frederick

Frederick Hirsch
Nokia