Minutes for SSTC Call 30 Nov 2010

[Nate Klingenstein <ndk@internet2.edu>]

> 1. Roll Call & Agenda Review.

Quorum was achieved.

> 2. Need a volunteer to take minutes.

Nate volunteered.

> 3. Approval of minutes from last meetings:
>
> - Minutes from SSTC Call on 16 Nov 2010:
>
> http://www.oasis-open.org/apps/org/workgroup/security/email/archives/201011/msg00047.html

Hal Lockhart(a.k.a. Tom Lockhard) corrected his name in an earlier  
edition of the minutes.  His amended version is the one that was voted  
on.

Rob moved to approve the minutes so amended by Hal, and Emily seconded  
their approval.  No objections were raised and the minutes were  
approved.

> 4. AIs & progress update on current work-items:
>
>  (a) Current electronic ballots: none currently open.
>
>  (b) Status/notes regarding past ballots: (none).
>
>  (c) Kerberos related items. [Josh/Thomas]
>      - Kerberos Attribute Profile:
>      - AI: Josh/Thomas will suggest additions to Attribute Profile.
>      - AI: Thomas to move ahead with Web SSO and Subj Confirmation  
> profiles.

Thomas hopes that through the peace and quiet of the holidays he'll  
have some time to allocate to work on these profiles.

>  (d) SAML V2.0 Identity Assurance Profiles, Version 1.0
>      - Status: 15-day review closed on 10 Sept.
>      - Status:  Scott working with Mary to generate HTML.
>      - Any updates?

Scott thinks the committee specification version of the profiles has  
been finished and this item can be removed from future agendas.

>  (e) SAML V2.0 Metadata Profile for Algorithm Support Version 1.0:
>      - Status: Thomas to ask Mary for (i) CSD version (from  
> draft-03) and
>        (ii) to Start new 15 day of CSD.
>      - Status from last telecon:
>        + Waiting on the the CSD from Mary
>        + Will ask Thomas to update the public template
>          once the CSD is generated.

The 15 day review is likely almost over at this point, and a comment  
was received from Thomas Scavo from InCommon.  Technically, the  
comments are out of order, because the issues aren't covered by the  
second review.  There is no need to formally handle the comments since  
they weren't directed at the changes, which means the review will end  
by Friday.  On the next call, we'll look at moving it towards CS status.

>  (f) SAML Attribute Predicates (Greg Neven)
>      - AI: Greg to propose a working draft for the SSTC to consider.
>      - Any updates?

Greg has indicated that he'll need more time to develop a working  
draft for the SSTC to consider.  The

>  (g) Session Token Profile (Hal) -- Any updates?

Hal has received a few comments that will go into a revision of the  
draft.  He would like any additional feedback on the profile late this  
week or very early next week so that he can issue a revised draft well  
in advance of the next SSTC call.

>  (h) NSN Attribute Management proposal (Thinh/Phil)
>      - AI: wish to move to CD during this call.

Thinh was not on the call, traveling on business overseas.  His last  
indication was that NSN would like to move the draft to CD at this  
stage.  The objective right now is to achieve broader review.  Phil  
had a good conversation with Chad, which illuminated that the problem  
solved by the spec needs to be called out more clearly.  Phil is  
convinced there's some editing refinement that can be done to position  
the spec better, but the two agreed that there is a real problem to be  
solved in change notification issuance.

Phil was curious whether it was appropriate to use committee draft as  
a way to achieve broader review.  Hal doesn't think that the new OASIS  
CD status is substantively different from historical CD status, but  
it's also not clear to him that CD's get more attention.  It certainly  
doesn't get less.  But Phil is not ready to move to public review yet.

CD status triggers a few automatic changes such as IPR status.  Phil  
envisions some remaining editorial cleanups and some potential changes  
to some attributes and qualifiers that would result in minor  
alterations to schema.  This is the fourth major iteration, and the  
two-step notify followed by an action helps to solve many of the  
statefulness challenges involved in federated provisioning.  That is  
an advantage of using a change notification process that needs to be  
called out more clearly in the introduction.

Scott points out that going to CD early creates a little more work for  
Mary.  To Scott, moving to CD status is best used as an indication to  
people that the spec is ready for consideration for implementation.   
Phil believes that now is the time to start playing with  
implementations to understand whether some qualification attributes  
are necessary on endpoints, and Chad and Phil had discussions about  
where more or less flexibility and dynamism is necessary in the  
protocol itself.  Phil thinks that following a CD edition and a little  
implementation experience, we can resolve those questions in an  
informed manner.

Phil would be comfortable waiting two more weeks to move this to CD so  
that Thinh can be a participant.  This also gives Chad and others a  
slightly bigger window in which they can propose changes, without  
spending too much time going in circles.

>  (i) Channel binding proposal (Scott) - any updates?

No updates to report.

>  (j) Metadata extension for Login/Discovery (Scott) - any updates?

Scott uploaded a new working draft of this metadata extension to add a  
"keywords" element to support generalized searching.  This came up as  
a discussion point in a variety of other working groups.  This is the  
only outstanding addition, and it's probably ready for CD, but Scott  
would like to hold off and have a little more discussion about it in  
other working groups before moving it forward in the SSTC.

>  (k) Enhanced Client or Proxy Profile (Scott) - any updates?

No updates to report.

> 5. Assorted mail items:
>
> 6. Other items:

Chad submitted another minor metadata draft extension to allow  
metadata entries to be labeled in some form, but it's anticipated that  
there will be fairly major revision to it, so Scott believes there  
isn't much to discuss at this point.

>   - Propose to cancel SSTC Call on Tue 28 December 2010.

Nate stated that his winter will be cold and lonely without an SSTC  
call, but he was overruled by majority consensus and the meeting will  
be canceled.

> 7. Next SSTC Call: Tuesday 14 December 2010.