OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [security-services] Minutes for SSTC Telecon (18 Oct 2011)

On 10/18/2011 12:07 PM, Nguyenphu, Thinh (NSN - US/Irving) wrote:

Minutes for SSTC call: 18 Oct 2011

1. Roll Call&  Agenda Review.
[Note] quorum is established.

Roll Call:
Internet2     Scott Cantor
Nokia Corporation     Frederick Hirsch
Internet2     Nathan Klingenstein
Internet2     Chad La Joie
Oracle     Hal Lockhart
IBM     Gregory Neven
Nokia Siemens Networks GmbH & Co. KG     Thinh Nguyenphu
Red Hat     Kenneth Peeples
Red Hat     Anil Saldhana

Quorum: 7 out of 9 voting members (77%): Achieved.

Status Changes: none


2. Need a volunteer to take minutes.
[Note] Thinh Nguyenphu volunteered

3. Approval of minutes from last meetings:

    Minutes from SSTC Call on 20 Sept 2011:

http://lists.oasis-open.org/archives/security-services/201109/msg00008.h
tml
[Note] approved

    Minutes from SSTC Call on 20 Sept 2011:

http://lists.oasis-open.org/archives/security-services/201110/msg00004.h
tml
[Note] approved


4. AIs&  progress update on current work-items:

   (a) Current electronic ballots: (none)

   (b) Status/notes regarding past ballots: (none)

   (c) Session Token Profile (Hal)
       - Status: Hal already submitted request for CSD and 15-day PR.
       - Status: 15-day PR from 3 Oct to 18 Oct 2011.

http://lists.oasis-open.org/archives/security-services/201110/msg00006.h
tml

[Note] Hal reports PR ends today, and document only received two
editorial comments by TCAdmin, which were minor comments.


   (d) Attribute Predicate Profile (Gregory/Franz-Stefan)
       - Status: 30-day PR from 15 Oct to 14 Nov 2011.

http://lists.oasis-open.org/archives/security-services/201110/msg00008.h
tml

[Note] Gregory: PR just started.

   (e) Kerberos profiles [3 items] (Josh/Thomas)
       - Status: Committee Specification creation requested.
       - Status: Tickets TCADMIN-664, 665, 666.

[Note] Still waiting for TCAdmin to creating committee specification.

   (f) Change Notify Protocol Version 1.0 (Thinh/Phil)
       - Status: Committee Specification creation requested.
       - Status: Tickets TCADMIN-696 - in process.

[Note] Thinh: no update, waiting for TCAdmin.

   (g) Channel binding proposal (Scott)
       - Status: awaiting other items in other groups.
       - Any updates?

[Note] no update today.

   (h) Enhanced Client or Proxy Profile (Scott)
       - Status: work waiting for items in IETF Kitten WG.
       - Any updates?

[Note] no update today.

   (i) Metadata Extensions for Documentation/Registration (Chad)
       - Status: 15-day PR from 3 Oct to 2 Nov 2011.

http://lists.oasis-open.org/archives/security-services/201110/msg00005.h
tml

[Note] Chad: During PR, the document receives one comments. The response
to the comment is available at
http://wiki.oasis-open.org/security/PublicComments20111003-20111102.
Mostly, there will be a new revision.


   (j) Metadata Extensions for Login and Discovery User (MDUI) (Scott)
       - Status: 30-day PR from 14 Oct to 13 Nov 2011.

http://lists.oasis-open.org/archives/security-services/201110/msg00007.h
tml

[Note] Scott: The document receives one comment. The comment resolution
is available at
http://wiki.oasis-open.org/security/PublicComments20111014-20111113


5. Assorted mail items:

6. Other items:
    - IIW in October (17-19 Oct).
    - Kerberos Conference at MIT (Last week of Oct): Hal: There will be
excellent panel on Tuesday. The panel will feature three past SAML
co-chair. It will have great discussion on federation, SAML, Kerberos,
etc.

-	New security paper: Scott and Hall reported on new security
paper from Germany. New security paper published from Germany, which
identify potential SAML security risk.  The security paper, How to break
XML encryption, will be presented at ACM conference CCS 2011.  The paper
documented some new techniques of attach SAML security assertion. It may
provides some recommendation to mitigate the problem.

It is recommended that members of SS TC to review the document and we
can discuss further meeting.

7. Next SSTC Call:
    - Tue 1 November 2011.

_______________________________________________________


---------------------------------------------------------------------
To unsubscribe, e-mail: security-services-unsubscribe@lists.oasis-open.org
For additional commands, e-mail: security-services-help@lists.oasis-open.org

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]