Meeting minutes for SSTC Telecon call (14 April 2015)

[Rainer Hoerbe <rainer@hoerbe.at>]

> Proposed Agenda SSTC Conference Call
> Tuesday 14 April 2015, 12:00pm ET
> 
> 
> Topic: OASIS SSTC Call
> Call-in Number: 1-617-324-0000
> Access code: 645 403 951#
> 
> Date: Every 4 weeks on Tuesday
> Time: 12:00 pm, Eastern Standard Time (New York, GMT-05:00)
> 
> Meeting Number: 645 403 951.
> Meeting Password: samlsaml.
> 
> [Backup Telecon number:  (605) 475-4700 / passcode: 176720# ]
> 
> 
> AGENDA:
> 
> 1. Roll Call & Agenda Review.
> 
> 2. Need a volunteer to take minutes.
Rainer self-elected as scribe
> 
> 3. Approval of minutes from previous meeting(s):
> 
>   - Minutes from 17 March 2015 meeting:
> 
> https://lists.oasis-open.org/archives/security-services/201503/msg00003.html
Nate moving, Hal seconding, no objections – approved.
> 
> 
> 4. AIs & progress update on current work-items:
> 
>  (a) Current electronic ballots: None.
> 
>  (b) Status/notes regarding past ballots: None.
> 
>  (c) Follow up discussions from Dutch eID presentation (Martijn Kaag)
>      - Any updates/questions/discussions.
> 
>  (d) SAML 2.1 work:
>      - SAML2.1 wiki:
>        https://wiki.oasis-open.org/security/SAML2Revision
> 
>      - Starter docs:
> https://lists.oasis-open.org/archives/security-services/201403/msg00010.html
> 
>      - Martijn had indicated that he is interested to work on the 2.1 project.
News from Martijn:
We still have assigned people, however a last minute project delayed the start. But we are extending team and will have resources in a month. Willingness and budget is still there. We have 2 objectives – a) improve SAML spec to increase usability and use in Europe, b) increase competence for SAML within the company.

Submitted request from started doc. Did not get response yet. Will check again.

Discussion about combining attribute query with AuthnRequ. Should not be done by nesting protocols. Rather specify extension to attribute query, i.e. construct data model and follow an existing profile or protocol. 

We will look at other use cases to be considered. When we start drafting the concept, we will see if it matches the NZ use case.

Current attribute query has semantics: send only attributes on the requested list. Other semantics would be possible, like error if not all attributes are available. These are ldap-like semantics – get exactly what requested, or a subset. It does not specify to return an error if not complete.
Metadata is an advisory approach. It could allow to return something slightly different, and could be better in loosely coupled models. Individual attribute requests would be more like MD semantics, which might make more sense.
In general optional semantics can be ignored, therefore are more flexible, evolutionary.

Colin remarked that front-channel attribute delivery has the advantage of applying user consent. 

> 
>  (e) XSPA updates (Mohammad Jafari)
>     - Any updates.
News from Mohammad. No updates for now.
> 
> 
> 5. Assorted mail items:
> 
> - Email from Collin Wallis:
> 
> https://lists.oasis-open.org/archives/security-services/201504/msg00001.html
Have been away from the ID team for some time, now acting in a broker role.

Have not been using the MD-approach that much. Product for the IDP had a bug with MD
> 
> 
> 6. Other items:
> 
> - Europen Identity Conference (May 5-8)
> 
> 7. Next SSTC Call:
>   - Tuesday 12 May 2015.
> 
> 
> 
> 
> -------------------------------------------------
> **** You can forward this email invitation to attendees ****
> 
> Hello ,
> 
> Thomas Hardjono invites you to attend this online meeting.
> 
> Topic: OASIS SSTC Call
> Date: Every 4 weeks on Tuesday, from Tuesday, February 5, 2013 to no end date
> Time: 12:00 pm, Eastern Standard Time (New York, GMT-05:00)
> 
> Meeting Number: 645 403 951
> 
> Meeting Password: samlsaml
> 
> 
> -------------------------------------------------------
> To join the online meeting (Now from mobile devices!)
> -------------------------------------------------------
> 1. Go to https://mit.webex.com/mit/j.php?ED=170547347&UID=0&PW=NZDIyZDMzZGU5&RT=MiMxMQ%3D%3D
> 2. If requested, enter your name and email address.
> 3. If a password is required, enter the meeting password: samlsaml 4. Click "Join".
> 
> To view in other time zones or languages, please click the link:
> https://mit.webex.com/mit/j.php?ED=170547347&UID=0&PW=NZDIyZDMzZGU5&ORT=MiMxMQ%3D%3D
> 
> -------------------------------------------------------
> To join the audio conference only
> -------------------------------------------------------
> To receive a call back, provide your phone number when you join the meeting, or call the number below and enter the access code.
> Call-in Number: 1-617-324-0000
> 
> Access code: 645 403 951
> 
> -------------------------------------------------------
> For assistance
> -------------------------------------------------------
> 1. Go to https://mit.webex.com/mit/mc
> 2. On the left navigation bar, click "Support".
> 
> You can contact me at:
> hardjono[at]mit.edu<http://mit.edu>
> 1-781-7299559
> 
> To add this meeting to your calendar program (for example Microsoft Outlook), click this link:
> https://mit.webex.com/mit/j.php?ED=170547347&UID=0&ICS=MI&LD=1&RD=2&ST=1&SHA2=AAAAAqQ8HRHsFV2sx7PeRL8WhHjtErKdRExJqKIpxM3zbAAL&RT=MiMxMQ%3D%3D
> 
> The playback of UCF (Universal Communications Format) rich media files requires appropriate players. To view this type of rich media files in the meeting, please check whether you have the players installed on your computer by going to https://mit.webex.com/mit/systemdiagnosis.php.
> 
> 
> 
> 
> http://www.webex.com
> 
> CCP:+16173240000x645403951#
> 
> IMPORTANT NOTICE: This WebEx service includes a feature that allows audio and any documents and other materials exchanged or viewed during the session to be recorded. By joining this session, you automatically consent to such recordings. If you do not consent to the recording, discuss your concerns with the meeting host prior to the start of the recording or do not join the session. Please note that any such recordings may be subject to discovery in the event of litigation.
> 
> ----------------------------------------------------------------------
> 
> 
> ____________________________________________
> 
> ---------------------------------------------------------------------
> To unsubscribe from this mail list, you must leave the OASIS TC that
> generates this mail.  Follow this link to all your TCs in OASIS at:
> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
> 
> 
> 
> www.connectis.nl<http://www.connectis.nl> | Postbus 975 | 3000 AZ Rotterdam | +31 (0) 88 - 0120 222 | KvK 24444001
> 
> Connectis ontwikkelt een nieuw platform en zoekt ervaren software engineers.
> Kijk op www.werkenbijconnectis.nl<http://www.werkenbijconnectis.nl> voor meer informatie.
> 
> Connectis<http://www.connectis.nl>, FederateNow<http://www.federatenow.com>™ en ZorgverlenerOnline<http://www.connectis.nl/themas/zorg.html> zijn handelsmerken van Connected Information Systems B.V.
> 
> Dit e-mailbericht en enige bijlage is uitsluitend bestemd voor de geadresseerde(n) en strikt vertrouwelijk. Aan dit bericht kunnen geen rechten ontleend worden. Op het werk van Connected Information Systems B.V. zijn haar algemene voorwaarden van toepassing.
> 
> ---------------------------------------------------------------------
> To unsubscribe from this mail list, you must leave the OASIS TC that
> generates this mail.  Follow this link to all your TCs in OASIS at:
> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
>