[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Minutes for SSTC Conference Call (9 February 2010)
Scribe: Scott Cantor AI: Scott to draft note to list re: XML Signature 1.1 AI: Scott to provide any comments on NSN proposal prior to next call AI: Chairs to follow up with tc-admin on: SAML V2.0 Holder-of-Key Assertion Profile Version 1.0 - ballot was complete, CS needs to be prepared and posted SAML V2.0 Holder-of-Key Web Browser SSO Profile Version 1.0 - ballot needed for CS Identity Assurance Profile for SAML2.0 Version 1.0 - cleanup was done for public review, need to get review started Four unposted CS documents from 23 May 2007: http://wiki.oasis-open.org/security/ProtocolExtThirdParty http://wiki.oasis-open.org/security/ProtocolExtAuthnCtx http://wiki.oasis-open.org/security/SharedCredsAuthnCtxExt http://wiki.oasis-open.org/security/TextChallengeResponse - Need to be posted to docs site Approved Errata CD 04: - was voted to Approved Errata status, needs to be prepped and posted to docs site > 1. Roll Call & Agenda Review Thinh: Please add discussion of NSN attribute update proposal to agenda. > 3. Approval of minutes from last meeting (26 January, 2010): > > http://www.oasis- > open.org/apps/org/workgroup/security/email/archives/201002/msg00001.html Rob moved, Tom seconded, unanimous approval. > 4. AIs & progress update on current work-items: > > (a) Current electronic ballots: None open. > > (b) Status/notes regarding past ballots: (none) > > (c) SAML V2.0 Holder-of-Key Web Browser SSO Profile Version 1.0 as a CS > SAML V2.0 Holder-of-Key Assertion Profile Version 1.0 > - Status: DONE. [Waiting for Mary] Tom: No follow-up from tc-admin about the ballot passing for the Assertion profile, should be at CS though. The Web SSO profile did not have a ballot by mistake, so is not at CS yet. Hal: Saw note about the oversight, will follow up with tc-admin about both issues. > (d) Kerberos related items. [Josh/Thomas] > - Status: Both the Attribute Profile and the Subject Confirm > Method docs are in 60-day review. - Kerberos Web Browser SSO > Profile: Josh to provide updated version for SSTC reading. Josh posted updated version the other day. Hal: let's wait until next call for moving SSO profile to CD, since was just posted yesterday. Tom: This is orthogonal to the public review documents? Hal: No, it depends on them, but is still a separate doc. Thomas: Please review SSO profile for next call. Josh: Very similar text/structure to the X.509 SSO profile. > (e) Expressing Identity Assurance profile for SAML2.0 (LOA) > - Status: Bob doing last minute formatting for Mary (to start 60-Day > review). Bob: Formatting changes needed to satisfy OASIS, were done last week, nothing since last Thursday. Hal: Add this to the list of open items to speak with Mary on. Hal: Did the title change after we voted? Bob: Yes. Hal/Scott: Ok for now, but in future we'll really have to tighten up when new regs go into effect. > (f) CS version of Text-based Challenge/Response profile. > - AI: Hal to request Mary to publish 2007 CS version of doc Hal: Four docs listed in wiki in the CS section, and they were all waiting for cleanup and we requested them to be posted to docs area. Need to follow up with Mary on all four. > (g) Errata doc: > - AI: Doc not on website. Scott: Need chairs to follow up. Approved Errata document was left to tc-admin to prepare and post, based on approved CD-04: http://docs.oasis-open.org/security/saml/v2.0/sstc-saml-errata-2.0-cd-04.pdf If we should prepare instead, I can do that, but it will probably end up with formatting issues per usual, so I left it to tc-admin. Scott: Want to dispose of Jira ISSUE-1 and ISSUE-5 items: http://tools.oasis-open.org/issues/browse/SECURITY-1 Fix to NameID constant. TC accepted proposed change. http://tools.oasis-open.org/issues/browse/SECURITY-5 Fix to MIME type registration. TC resolved to leave unchanged. Scott: will close both issues and publish a new "Approved Errata" working draft as the basis of a future errata CD. > 5. New work items: none. TOPIC: NSN Attribute Update proposal AI: Scott to review for next call. Thinh: NSN proposal update, no comments in the last month. Scott: was waiting on some meta-comments from Oracle, but will take action to review for next call. Hal: Some discussion between Oracle and NSN took place, but no further comments expected at this time. TOPIC: XML Signature 1.1 AI: Scott to draft note to list about it In last call: http://www.w3.org/TR/2010/WD-xmldsig-core1-20100204/ Scott: was wondering what our reasoning for using errata process to update original SAML 2.0 spec references to Second Edition were. Hal/others: No real recollection...Frederick said "good idea to do it". Tom: Second Edition was useful to some of the later specs, but no memory of why errata was done. Scott: Same reasoning (whatever it was) might apply to 1.1, questions have been raised about whether SAML "allows" use of 1.1 features like ECC. Hal: Suggest Scott draft a note to list about new features and some possible options for tackling this. > 7. Next Call: Tuesday Feb 23, 2010.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]