security-services message



Subject: FW: Minutes SSTC Conference Call (9 March 2010)




> -----Original Message-----
> From: Thomas Hardjono [mailto:hardjono@MIT.EDU]
> Sent: Monday, March 08, 2010 1:22 PM
> To: OASIS SSTC
> Cc: Harold Lockhart
> Subject: [security-services] Proposed Agenda SSTC Conference Call (9
> March 2010)
>
>
>
>
> Folks,
>
> Let us know if there are any corrections or changes
> needed for the Agenda.
>
> Note: Thomas will not be on the call due to a meeting clash, but Hal
> will be present.
>
>
> Hal+Thomas
> -----------------
>
> _______________________________________________________
>
> Proposed Agenda SSTC Conference Call
> Tuesday 9 March 2010, 12:00pm ET
>
> Dial in info: +1 408-774-4073
> Conference code: 4480739
> Password: 72657265 (SAMLSAML)
>
>
> 1. Roll Call & Agenda Review
No quorum.

>
> 2. Need a volunteer to take minutes
Ari (was) volunteered.

>
> 3. Approval of minutes from last meeting (23 Feb, 2010):
Skipped due to lack of quorum.

>
> http://www.oasis-open.org/apps/org/workgroup/security/email/archives/201003/msg00006.html
>
> NB. Minor typo ("ICAM" vs "ICANN").
>
>
> 4. AIs & progress update on current work-items:
>
>   (a) Current electronic ballots: None open
No update.

>
>   (b) Status/notes regarding past ballots: (none)
No update.

>
>   (c) SAML V2.0 Holder-of-Key Web Browser SSO Profile Version 1.0 as a
> CS
>            SAML V2.0 Holder-of-Key Assertion Profile Version 1.0
>         - Status: Mary asked chairs to send 1 email per request to TC-
> Admin
>         - AI: Thomas will resend to Mary, 1 email per request for all
> documents. (TBD Thomas)
Ballot passed. Issue Tracker: TC-Admin 52
No official notification from TC-Admin, though.
Who should create the CS version -- TP-Admin?

>
>   (d) Kerberos related items. [Josh/Thomas]
>         - Attribute Profile and the Subject Confirm Method docs are in
> 60-day review.
>         - Kerberos Web Browser SSO Profile:
>               - Want to move to CD, but waiting for reformatting of doc
>         - AI: Thomas/Josh to reformat to CD format before resubmitting
> request.
No update.

>
>   (e) Expressing Identity Assurance profile for SAML2.0 (LOA)
>         - Bob has done all corrections Mary asked for.
>         - Status: Mary asked chairs to send 1 email per request to TC-
> Admin
>         - AI: Thomas will resend to Mary, 1 email per request for all
> documents. (TBD Thomas)
Issue Tracker: TC-Admin 75
Scott reports having sent requested info to Mary, but status not updated.

>
>   (f) CS version of Text-based Challenge/Response profile.
>         - Status: Mary asked chairs to send 1 email per request to TC-
> Admin
>         - AI: Thomas will resend to Mary, 1 email per request for all
> documents. (TBD Thomas)
No update, but no open AI in SSTC.

>
>   (g) Errata doc:
>        - Scott working on publishing updated "Approved Standard with
> Approved Errata".
Getting document published at URL is still outstanding. Scott still doesn't have closure on whether he or RC-Admin will do the edits for the CS version.

>
>   (h) NSN Attribute Update proposal (Thinh)
Phil Hunt (Oracle) posted an alternate proposal that covers similar use cases. Basically the same as last Fall's proposal, with the addition of full subject lifecycle management (Add, Modify), and Replace in the Modify operation.
Scott asks: Is this a back-channel or front-channel protocol?
Answer: Intended as back-channel, but could be profiled as front-channel.
Scott: Don't you need to have subject authentication to add a subject? Sounds like something to be careful about.
Phil: Maybe need additional spec for authn/delegation.
Scott: Does Modify Subject include NameID modification? Isn't that already covered by Manage NameID protocol?
Discussion/observations about proposals for authentication, SP credentialing, policy, IDP semantics, etc.
Hal calls for TC to review the new proposal.

>
>   (i) Metadata Interop profile (Scott) - update
Scott suggested incorporating Josh's Kerberos-related profiles into a revision of the current profile. Scott rev'ed the document to v2.0, merged in the material, reworked the conformance section. Also made some modifications to respond to objections from other communities (ICAM, et al). Posted March 1. Still has some cleanup and schema work to do. Also wants to pull in XML-DSIG 1.1 KeyInfo, but timelines may not work out if we want to progress the document to CS sooner.

    (j) Scott has a new profile draft, just uploaded, that he'll describe briefly on the
call to solicit comment. http://wiki.oasis-open.org/security/RequestInitProtProf
Scott: Proposal to standardize a Shibboleth mechanism for how to ask a provider to initiate SSO (SP or IDP initiated). Particularly useful for SPs supporting multiple protocols. Not SAML(2)-specific, designed to work across multiple protocols, including InfoCard. Composable with the Discovery Protocol.

>
>
> 5. New work items: none.
>
>
> 6. Assorted threads on saml-dev/comment list:
>     - SAML assertion profile in OAuth 2.0 (Paul M.)
Sunil mentions that SAML is not strongly referenced in the OAuth spec. Bob mentions that they might be removing that reference.
>     -  Project Moonshot (Josh)
>           - IETF draft and planned BOF at IETF77
Scott: There are various conversations and proposals going on about where SAML fits into this. Try to attend the Bar BOF at IETF77.

>
>
> 7. Next Call: Tuesday 23 March, 2010.
>     New dial-in number (MIT webex number): Thomas to post on separate
> email.
>
>
> _______________________________________________________
>