OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [security-services] Minutes SSTC Telecon (22 March 2011)

On 03/22/2011 11:59 AM, Frederick.Hirsch@nokia.com wrote:
> Minutes  SSTC Conference Call
> Tuesday 22 March, 2011, 12:00pm ET
> Minutes taken by Frederick Hirsch
>
> AGENDA:
>
> 1. Roll Call&  Agenda Review.
Voting Members:
Nathan Klingenstein     Internet2
Chad La Joie     Internet2
Thomas Hardjono     M.I.T.
Frederick Hirsch     Nokia Corporation
Thinh Nguyenphu     Nokia Siemens Networks GmbH & Co. KG
Ari Kermaier     Oracle Corporation
Hal Lockhart     Oracle Corporation
Emily Xu     Oracle Corporation
Anil Saldhana     Red Hat
David Staggs     Veterans Health Administration

Members:
Bob Morgan     Internet2
Anthony Nadalin     Microsoft Corporation
Duane DeCouteau     Veterans Health Administration

Observers:
Franz-Stefan Preiss IBM
> Quorum achieved. (10 off 14 voting members. 71%)
>
> Bob Morgan will regain voting status after meeting.
>
> Additional agenda item, k, for Attribute Predicate profile added to agenda.
>
> 2. Need a volunteer to take minutes.
>
> Frederick Hirsch volunteered to take minutes.
>
> 3. Approval of minutes from last meetings:
>
> - Minutes from SSTC Call on 8 March 2011:
>
> http://lists.oasis-open.org/archives/security-services/201103/msg00020.html
>
> MOTION: Anil moves to approve minutes from 8 March, Bob seconds
> Minutes from 8 March 2011 approved unanimously .
>
> 4. AIs&  progress update on current work-items:
>
>   (a) Current electronic ballots: None.
>
>   (b) Status/notes regarding past ballots: (none).
>
>   (c) Kerberos Attribute Profile: [Josh/Thomas]
>       - Status: Request submitted for 15-day Public Review.
>       - Status: Currently in 15-day review (closing 27 March 2011).
>
>   (d) Session Token Profile (Hal)
>       - Status: CSD Published.
>       - NB: Robin had some notes about XML schema and Ack section.
>
> http://lists.oasis-open.org/archives/security-services/201103/msg00012.html
> http://www.oasis-open.org/apps/org/workgroup/security/email/archives/201103/msg00012.html
>
> Contributors list needed to be added, schema needed slash added.
> Request submitted by Hal to Jira for public review, pending, no response given to indicate that public review won't start this week.
>
>
>   (e) Change Notify Protocol Version 1.0 (Thinh/Phil)
>       - Status: CSD Published.
>       - Status: Thinh/Phil submitted for 30-Day PR request.
>       - Status: Thomas has emailed Robin asking about 30-Day PR.
>
> http://tools.oasis-open.org/issues/browse/TCADMIN-338
>
> Submitted but no status visible, email sent to Robin. Not visible in Jira.
>
> Thinh/Phil not on call.
>
>   (f) Channel binding proposal (Scott)
>       - Status: awaiting other items in other groups.
>       - Any updates?
>
> No status update.
>
>   (g) Metadata extension for Login/Discovery (Scott)
>       - Status:  CSD published.
>       - Any updates?
>
> No status update.
>
>    (h) Enhanced Client or Proxy Profile (Scott)
>       - Status: WD02 uploaded last week.
>       - Status: work waiting for items in IETF Kitten WG.
>       - Any updates?
>
> No status update.
>
>   (i) Metadata Extensions for Documentation/Registration (Chad)
>       - Status: WD04 uploaded 18 March 2011.
>       - AI: Chad to request CSD Publication.
>
> Request submitted, fix to schema to add minOccurs 0 , uploaded WD 5 to fix schema problem.
>
> http://www.oasis-open.org/apps/org/workgroup/security/download.php/41541/saml-metadata-rpi-v1.0-wd05.pdf
>
> MOTION: Nate moves to approve CD WSD05 for CSD, Anil seconds.
> Motion approved unanimously.
>
> ODT version is document number 41539.
> http://www.oasis-open.org/apps/org/workgroup/security/download.php/41539/saml-metadata-rpi-v1.0-wd05.odt
>
>   (j) Errata document (Scott):
>
>       - SECURITY-7: wish to address usage of term "psudeorandom"
>         o http://tools.oasis-open.org/issues/browse/SECURITY-7
>         o Any updates?
>
> MOTION: Hal moves to accept this change as an approved errata for further processing, Chad seconds.
> Motion approved unanimously.
>
> (k) Attribute Predicate Profile (added to agenda)
>
> Franz-Stefan Preiss introduced Attribute Predicate Profile.
>
> IBM working in privacy, wish to have support for predicate over attributes as opposed to simply concrete values. Draft profile produced for SAML assertions, also query format.
> Canonical example of restricting age for access to chat room. This enables new privacy-protecting functionality.
>
> see http://www.oasis-open.org/apps/org/workgroup/security/email/archives/201103/msg00022.html
>
> Profile builds on XACML to express predicates, the XACML apply element to apply function to arguments. This enables arbitrary complex predicates over any number of arguments.
>
> Added new statement type, AttributePredicateStatementType.
>
> No changes to SAML standards, normal extension points used, hence a profile. Question as to whether this should be standardized in SSTC - TC members note that a profile like this can be standardized in SSTC. It might make sense to split SSTC and XACML portions for separate approval in the respective TCs - whether this should be done needs review.  The TC discussed whether or not to reduce the number of predicates allowed.
>
> This submission should be uploaded into the SSTC document archive.
>
> Request for review and discussion on next call.
>
> 5. Assorted mail items:
>
> reminders, NIST IDtrust 2011,  IETF next week.
>
> 6. Other items:
>
> None
>
> 7. Next SSTC Call:
>    - Tue 5 April 2011.
>
> Adjourn

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]