[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] Minutes SSTC Telecon (22 March 2011)
On 03/22/2011 11:59 AM, Frederick.Hirsch@nokia.com wrote: > Minutes SSTC Conference Call > Tuesday 22 March, 2011, 12:00pm ET > Minutes taken by Frederick Hirsch > > AGENDA: > > 1. Roll Call& Agenda Review. Voting Members: Nathan Klingenstein Internet2 Chad La Joie Internet2 Thomas Hardjono M.I.T. Frederick Hirsch Nokia Corporation Thinh Nguyenphu Nokia Siemens Networks GmbH & Co. KG Ari Kermaier Oracle Corporation Hal Lockhart Oracle Corporation Emily Xu Oracle Corporation Anil Saldhana Red Hat David Staggs Veterans Health Administration Members: Bob Morgan Internet2 Anthony Nadalin Microsoft Corporation Duane DeCouteau Veterans Health Administration Observers: Franz-Stefan Preiss IBM > Quorum achieved. (10 off 14 voting members. 71%) > > Bob Morgan will regain voting status after meeting. > > Additional agenda item, k, for Attribute Predicate profile added to agenda. > > 2. Need a volunteer to take minutes. > > Frederick Hirsch volunteered to take minutes. > > 3. Approval of minutes from last meetings: > > - Minutes from SSTC Call on 8 March 2011: > > http://lists.oasis-open.org/archives/security-services/201103/msg00020.html > > MOTION: Anil moves to approve minutes from 8 March, Bob seconds > Minutes from 8 March 2011 approved unanimously . > > 4. AIs& progress update on current work-items: > > (a) Current electronic ballots: None. > > (b) Status/notes regarding past ballots: (none). > > (c) Kerberos Attribute Profile: [Josh/Thomas] > - Status: Request submitted for 15-day Public Review. > - Status: Currently in 15-day review (closing 27 March 2011). > > (d) Session Token Profile (Hal) > - Status: CSD Published. > - NB: Robin had some notes about XML schema and Ack section. > > http://lists.oasis-open.org/archives/security-services/201103/msg00012.html > http://www.oasis-open.org/apps/org/workgroup/security/email/archives/201103/msg00012.html > > Contributors list needed to be added, schema needed slash added. > Request submitted by Hal to Jira for public review, pending, no response given to indicate that public review won't start this week. > > > (e) Change Notify Protocol Version 1.0 (Thinh/Phil) > - Status: CSD Published. > - Status: Thinh/Phil submitted for 30-Day PR request. > - Status: Thomas has emailed Robin asking about 30-Day PR. > > http://tools.oasis-open.org/issues/browse/TCADMIN-338 > > Submitted but no status visible, email sent to Robin. Not visible in Jira. > > Thinh/Phil not on call. > > (f) Channel binding proposal (Scott) > - Status: awaiting other items in other groups. > - Any updates? > > No status update. > > (g) Metadata extension for Login/Discovery (Scott) > - Status: CSD published. > - Any updates? > > No status update. > > (h) Enhanced Client or Proxy Profile (Scott) > - Status: WD02 uploaded last week. > - Status: work waiting for items in IETF Kitten WG. > - Any updates? > > No status update. > > (i) Metadata Extensions for Documentation/Registration (Chad) > - Status: WD04 uploaded 18 March 2011. > - AI: Chad to request CSD Publication. > > Request submitted, fix to schema to add minOccurs 0 , uploaded WD 5 to fix schema problem. > > http://www.oasis-open.org/apps/org/workgroup/security/download.php/41541/saml-metadata-rpi-v1.0-wd05.pdf > > MOTION: Nate moves to approve CD WSD05 for CSD, Anil seconds. > Motion approved unanimously. > > ODT version is document number 41539. > http://www.oasis-open.org/apps/org/workgroup/security/download.php/41539/saml-metadata-rpi-v1.0-wd05.odt > > (j) Errata document (Scott): > > - SECURITY-7: wish to address usage of term "psudeorandom" > o http://tools.oasis-open.org/issues/browse/SECURITY-7 > o Any updates? > > MOTION: Hal moves to accept this change as an approved errata for further processing, Chad seconds. > Motion approved unanimously. > > (k) Attribute Predicate Profile (added to agenda) > > Franz-Stefan Preiss introduced Attribute Predicate Profile. > > IBM working in privacy, wish to have support for predicate over attributes as opposed to simply concrete values. Draft profile produced for SAML assertions, also query format. > Canonical example of restricting age for access to chat room. This enables new privacy-protecting functionality. > > see http://www.oasis-open.org/apps/org/workgroup/security/email/archives/201103/msg00022.html > > Profile builds on XACML to express predicates, the XACML apply element to apply function to arguments. This enables arbitrary complex predicates over any number of arguments. > > Added new statement type, AttributePredicateStatementType. > > No changes to SAML standards, normal extension points used, hence a profile. Question as to whether this should be standardized in SSTC - TC members note that a profile like this can be standardized in SSTC. It might make sense to split SSTC and XACML portions for separate approval in the respective TCs - whether this should be done needs review. The TC discussed whether or not to reduce the number of predicates allowed. > > This submission should be uploaded into the SSTC document archive. > > Request for review and discussion on next call. > > 5. Assorted mail items: > > reminders, NIST IDtrust 2011, IETF next week. > > 6. Other items: > > None > > 7. Next SSTC Call: > - Tue 5 April 2011. > > Adjourn
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]