[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Minutes 8 December 2016 TC Meeting
Time: 2:30 PM EST Tel: 1-712-775-7031 Minutes for 8 December 2016 TC Meeting I. Roll Call & Minutes Attendance Voting Members Hal Lockhart (Co-Chair) Bill Parducci (Co-Chair) Rich Levinson Steven Legg Martin Smith Members Mohammad Jafari Quorum: YES. 5 of 5 (100%) per Oasis site Approve Minutes 11 November 2016 - UPDATED APPROVED II. Administrivia Upcoming meetings Hal: The meeting on the 22nd is scheduled but will be canceled lacking further updates on the errata. IDESG Status Hal: Their Privacy subcommittee is now working on this and have been in contact with Martin and I. We are hope they'll this in front of the plenary in the February timeframe. Martin: The plenary is in Portland, Oregon if anyone is intersted. The process seems to be moving along. Martin: One of the things that I commented on 863-3 (authentication) that was not adopted is my suggestions on the 2 types of user attributes passed around: One type is for vetting, the other are attributes you are awarded--typically as an agent. Historically it appears to me that the first type is passed around, but they should be only sending around the second type for authZ purposes because they tend to be much less sensitive. Passing the first type around makes sense for "account linking" based upon probabilistic matching of common attributes, and is a one-time Hal: Re: Account linking...There is work going on in OpenID [I think] via a mechanism that shields the details of attributes on each side. Re: 2 types of attributes... In my experience, there are many more than 2 classes of attributes, e.g. "admin" is not a title... Martin: But it is a duty assignment.. Hal: Yes, but that information itself may be sensitive data, so there are subtleties... Rich: I have been working on and the major issues tends to be centered around liability. E.g. in a credit card transaction liability rests with the bank and the consumer. { reviewed examples of secondary use cases on other examples } Martin: I agree that it's important to identify where the liability resides. {general discussion } Thanks for the feedback. Issues: Errata Hal: I am not sure of the status on this since we have not heard back from Richard Hill since the last post to the list. recently. ACTION ITEM: Hal to get status update. Hal: There were 2 errata solutions posted to the list concerning XML (Steven) and Attribute descriptions (Rich). Feedback? Bill: They look good to me. Hal: +1. Any other input? { none voiced } meeting adjourned
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]