OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: May 4, 2010 SSTC minutes


Minutes of the SSTC Conference Call
Tuesday 4 May 2010, 12:00pm ET

1. Roll Call & Agenda Review.

John Bradley Individual
Scott Cantor Internet2
Nathan Klingenstein Internet2
Thomas Hardjono M.I.T.
Frederick Hirsch Nokia Corporation
Thinh Nguyenphu Nokia Siemens Networks GmbH & Co. KG
Paul Madsen NTT Corporation
Hal Lockhart Oracle Corporation
Emily Xu Oracle Corporation
Anil Saldhana Red Hat
David Staggs Veterans Health Administration

Members:
Ari Kermaier Oracle Corporation
Bob Morgan Internet2
Phil Hunt Oracle Corporation

Quorum: 11 out of 15 voting members. Quorum achieved (73%)
Status: Tom Scavo and Rob Philpott lose voting status.

2. Minute taker: David Staggs.

3. Approval of 3/9, 3/23, and 4/6 meeting minutes:
MOTION: Nate Moves all minutes be accepted, John seconds.
No objections.
Motion passed.

4. Action Items & progress update on current work-items

(a) Current electronic ballots: None open.

(b) Status/notes regarding past ballots: (none)

(c) SAML V2.0 Holder-of-Key Web Browser SSO Profile V1.0 as a CS
AI (OPEN): Tomas to follow-up with Mary to complete and upload 
electronic ballot as a CS; expected ballot date was April 15.

(d) SAML V2.0 Holder-of-Key Assertion Profile V1.0
Tomas reports no announcement is required of TC-Admin on success of the 
recent ballot (per Mary).
No additional details on the next step for this profile yet. Hal points 
out Mary should upload CS to document site.
AI (OPEN): Tomas to follow up with Mark on uploading CS

(e) Kerberos related items.
Tomas reports the Kerberos Web Browser SSO Profile is in 60-day public 
review phase.

(f) Expressing Identity Assurance profile for SAML2.0 (LOA)
Bob reports in 60-day public review. Bob has forwarded the profile to 
interested organizations, including Kantara and ICAM. NIST was suggested 
as another interested party (i.e. authors of SP 800-63 “Electronic 
Authentication Guideline”).

(g) Older docs: Thomas has formally asked Mary to post 4 documents to 
the repository on March 11.
The documents have not been uploaded.
AI (OPEN): Tomas to follow up with Mary

(h) "Approved Standard with Approved Errata"
Scott reports on open issue (security-6) that was raised by Ari. More 
generic language used to describe the IDP is the arbiter to delivery 
location to avoid response would be required in all cases, even when a 
security issue.
AI (CLOSED): Will vote on text in next draft.

(i) NSN Attribute Update proposal (Thinh)
Phil and Thinh report on draft. Discussion on harmonizing content with 
“add subject” concept in protocol from Oracle. In performing 
modification of existing information, Oracle wants to push to IdP as an 
add; current NSN favors a pull. Proposed use of an error code to 
initiate service provider add subject and/or a change to processing 
rules to use “nameIdentity” code to trigger addSubject operation.

Scott suggests the flow diagram on how to provision user to another IdP 
is similar on the front channel to existing SSO protocol. Phil 
interested in how steps 8-11 can be modeled with existing protocol. 
Technical discussion on the approach resulted in Phil offering to apply 
concepts to front and back channels and bring back to TC. Nate suggested 
additional information could be exchanged on the mailing list and will 
provide ideas to team. Nate offered to review revised proposal to 
address the front channel and the back channel.
AI (OPEN): Phil and Thinh to update document per discussion.

4(j) Metadata Interop profile
Scott reports generally positive review from ICAM, will make another 
pass before going to CD. Will monitor content on eGov list discussing 
harmonization of the ICAM profile vs. eGov profile.
AI (OPEN): Scott to update document as needed.

4(k) SSO initiation draft
Scott would like to move SSO initiation draft to CD
MOTION: Scott motions to move SSO initiation draft to CD; John Bradley 
Seconds.
No objections.
Motion passed.
AI (OPEN): Scott to put CD documentation together and ask Mary to upload 
to document site.

5. New work items: none.

6. Assorted threads on saml-dev/comment list: no discussion.

7. Next Call: Tuesday 18 May, 2010.



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]