
security-services message



Subject: Minutes SSTC Telecon (22 March 2011)


Minutes  SSTC Conference Call
Tuesday 22 March, 2011, 12:00pm ET
Minutes taken by Frederick Hirsch

AGENDA:

1. Roll Call & Agenda Review.

Quorum achieved. 

Bob Morgan will regain voting status after meeting.

Additional agenda item, k, for Attribute Predicate profile added to agenda.

2. Need a volunteer to take minutes.

Frederick Hirsch volunteered to take minutes.

3. Approval of minutes from last meetings:

- Minutes from SSTC Call on 8 March 2011:

http://lists.oasis-open.org/archives/security-services/201103/msg00020.html

MOTION: Anil moves to approve minutes from 8 March, Bob seconds
Minutes from 8 March 2011 approved unanimously.

4. AIs & progress update on current work-items:

 (a) Current electronic ballots: None.

 (b) Status/notes regarding past ballots: (none).

 (c) Kerberos Attribute Profile: [Josh/Thomas]
     - Status: Request submitted for 15-day Public Review.
     - Status: Currently in 15-day review (closing 27 March 2011).

 (d) Session Token Profile (Hal)
     - Status: CSD Published.
     - NB: Robin had some notes about XML schema and Ack section.

http://lists.oasis-open.org/archives/security-services/201103/msg00012.html
http://www.oasis-open.org/apps/org/workgroup/security/email/archives/201103/msg00012.html

Contributors list needed to be added, schema needed a slash added.
Request submitted by Hal to Jira for public review; pending. No response given to indicate that public review won't start this week.


 (e) Change Notify Protocol Version 1.0 (Thinh/Phil)
     - Status: CSD Published.
     - Status: Thinh/Phil submitted for 30-Day PR request.
     - Status: Thomas has emailed Robin asking about 30-Day PR.

http://tools.oasis-open.org/issues/browse/TCADMIN-338

Submitted but no status visible, email sent to Robin. Not visible in Jira.

Thinh/Phil not on call.

 (f) Channel binding proposal (Scott)
     - Status: awaiting other items in other groups.
     - Any updates?

No status update.

 (g) Metadata extension for Login/Discovery (Scott)
     - Status:  CSD published.
     - Any updates?

No status update.

 (h) Enhanced Client or Proxy Profile (Scott)
     - Status: WD02 uploaded last week.
     - Status: work waiting for items in IETF Kitten WG.
     - Any updates?

No status update.
 
 (i) Metadata Extensions for Documentation/Registration (Chad)
     - Status: WD04 uploaded 18 March 2011.
     - AI: Chad to request CSD Publication.

Request submitted, fix to schema to add minOccurs 0, uploaded WD 5 to fix schema problem.

http://www.oasis-open.org/apps/org/workgroup/security/download.php/41541/saml-metadata-rpi-v1.0-wd05.pdf

MOTION: Nate moves to approve CD WSD05 for CSD, Anil seconds.
Motion approved unanimously.

ODT version is document number 41539.
http://www.oasis-open.org/apps/org/workgroup/security/download.php/41539/saml-metadata-rpi-v1.0-wd05.odt

 (j) Errata document (Scott):

     - SECURITY-7: wish to address usage of term "pseudorandom"
       o http://tools.oasis-open.org/issues/browse/SECURITY-7
       o Any updates?

MOTION: Hal moves to accept this change as an approved errata for further processing, Chad seconds.
Motion approved unanimously.

 (k) Attribute Predicate Profile (added to agenda)

Franz-Stefan Preiss introduced Attribute Predicate Profile.

IBM is working in privacy and wishes to have support for predicates over attributes as opposed to simply concrete values. Draft profile produced for SAML assertions, also query format.
Canonical example is restricting age for access to a chat room. This enables new privacy-protecting functionality.

See http://www.oasis-open.org/apps/org/workgroup/security/email/archives/201103/msg00022.html

Profile builds on XACML to express predicates, using the XACML apply element to apply a function to arguments. This enables arbitrarily complex predicates over any number of arguments.

Added new statement type, AttributePredicateStatementType.

No changes to SAML standards, normal extension points used, hence a profile. Question as to whether this should be standardized in SSTC - TC members note that a profile like this can be standardized in SSTC. It might make sense to split SSTC and XACML portions for separate approval in the respective TCs - whether this should be done needs review.  The TC discussed whether or not to reduce the number of predicates allowed.

This submission should be uploaded into the SSTC document archive. 

Request for review and discussion on next call.  

5. Assorted mail items:

Reminders: NIST IDtrust 2011, IETF next week.

6. Other items:

None

7. Next SSTC Call: 
  - Tue 5 April 2011.

Adjourn


