[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] Minutes for SSTC Call (25 January 2011)
On 01/25/2011 11:59 AM, Cantor, Scott E. wrote: >> AGENDA: >> >> 1. Roll Call& Agenda Review. Voting Members: Scott Cantor Internet2 Nathan Klingenstein Internet2 Thomas Hardjono M.I.T. Frederick Hirsch Nokia Corporation Thinh Nguyenphu Nokia Siemens Networks GmbH & Co. KG Phil Hunt Oracle Corporation Hal Lockhart Oracle Corporation Emily Xu Oracle Corporation Anil Saldhana Red Hat Members: Ari Kermaier Oracle Corporation Bob Morgan Internet2 Abbie Barbir Bank of America George Fletcher AOL Quorum: 9 out of 13 voting members (69%) : achieved > Abbie's ITU-T item added to agenda. > >> 2. Need a volunteer to take minutes. > Scott volunteered. > >> 3. Approval of minutes from last meetings: >> >> - Minutes from SSTC Call on 11 January 2010: >> >> http://www.oasiszopen.org/apps/org/workgroup/security/email/archives/201101/msg00014.html > Moved by Anil, seconded Nate. No objections. > >> 4. AIs& progress update on current work-items: >> >> (a) Current electronic ballots: (none). >> >> (b) Status/notes regarding past ballots: (none). >> >> (c) Kerberos Attribute Profile: [Josh/Thomas] >> - Status: Request submitted for 15-day Public Review. >> - Status: Thomas submitted CSD request to Oasis on 15 Dec 2010. >> - Status: awaiting response from Oasis. >> - #337 on Oasis Issues Tracker: http://tinyurl.com/47yta4p > Thomas noted that a question was raised about changes to the Kerb token profile for WSS, but the maintenance TC indicated this was out of scope. > >> (d) SAML V2.0 Metadata Profile for Algorithm Support Version 1.0: >> - Status: seeking to move to CS status. >> - AI: Thomas to request CS ballot Creation. > Not done yet. > >> (e) Session Token Profile (Hal) >> - Wish to do create CD Ballot. > Hal: not looking for ballot, got comments from Scott, and after review and updates, the new draft is not complete. > > Hal: would like to keep it bearer confirmation only, Scott agrees this is fine. > > Hal/Scott discussed the requirement for a NameID in the session token, and Scott objects to the assumption that the original SSO event included a NameID or in fact any long term identifier, since that's considered out of scope of the profile and left to deployment. > > Scott raised the common Shibboleth use case of attributes-only with no long term identifier, and Hal indicated that made sense and would take that back to this team. > > Hal: hoping to publish soon, looking for vote on next call. > >> (f) Change Notify Protocol Version 1.0 (Thinh/Phil) >> - AI: Seeking to move to CSD status. >> - Status: Thomas submitted CSD request to Oasis on 15 Dec 2010. >> - Status: awaiting response from Oasis. >> - #338 on Oasis Issues Tracker: http://tinyurl.com/47yta4p > There was a bit of back and forth about filenames and some image content, but it's moving forward. > > Nate: Robin had asked about which directories to use for new drafts, and I told her that the Post-2.0 folder should be the main location. > >> (g) Channel binding proposal (Scott) >> - Any updates? >> >> (h) Metadata extension for Login/Discovery (Scott) >> - Status: Thomas submitted CSD request to Oasis on 15 Dec 2010. >> - Status: awaiting response from Oasis. >> - #339 on Oasis Issues Tracker: http://tinyurl.com/47yta4p >> >> (i) Enhanced Client or Proxy Profile (Scott) >> - Any updates? > Expect a new draft fairly soon. > >> (j) Metadata Extensions for Documentation/Registration (Chad) >> - WD02 uploaded before Christmas. >> - Any updates? > TOPIC: Abbie discussing ITU-T coordination > > Abbie: SAML 2.0 was published there as a standard. Due to the agreement, it's the TC's responsibility to provide updates and they're concerned about it being out of date. > > Hal: The only items we would send them are actual OASIS standards, of which we have few. > > Abbie: Could have draft documents in ITU-T to provoke comment. > > Hal: Need to separate things...definitely need to send over approved errata and actual standards, regardless of the various other drafts and documents. > > Abbie: Could get additional implementers with more exposure. > > Thomas: Can we even share such drafts with them? > > Hal: All of them are public, but we're not talking about official submissions, just FYIs. Would need to coordinate anything like this with liason staff at OASIS. > > Abbie: I can coordinate that. Next meeting is in April, we'd have to move quickly. > > Hal: Suggest chairs compile list of documents we think we should submit officially, and separately let's come up with a list of FYI docs. The official ones need a special majority ballot to approve submission. > > Hal: Concerned about formatting CSDs into ITU format. > > Nate: We should consider CS and up only. > > Abbie: Agree. > > Thomas: Is there a policy about who gets to decide what to share? > > Hal: No, nothing outside OS is defined for official purposes. > > Abbie: We could even just share links. > > Several: We should do that if possible. > > Additional discussion about getting wiki links to XSPA material up to date among Hal and David Staggs. > > Thomas: Nate and I will work on building the document lists. > >> 5. Assorted mail items: >> - NIST IDtrust 2011 >> >> 6. Other items: > Scott mentioned some proposed errata items he's submitted/submitting, will discuss next call. > >> 7. Next SSTC Call: >> - 8 February 2011 >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]