OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

id-cloud message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [id-cloud] MINUTES OASIS IDCloud TC Meeting 06 February 2012

All - I have confirmed that Abbie will be able to come to OASIS Monday March 5 meeting to discuss Trust & Trust Framework topic with the TC.  Please put Abbie on the agenda.


-----Original Message-----
From: id-cloud@lists.oasis-open.org [mailto:id-cloud@lists.oasis-open.org] On Behalf Of Gershon Janssen
Sent: Monday, February 20, 2012 9:32 AM
To: id-cloud@lists.oasis-open.org
Subject: [id-cloud] MINUTES OASIS IDCloud TC Meeting 06 February 2012

OASIS IDCloud TC Meeting
06 February 2012, 02:00pm to 03:00pm ET

Scribe: Gershon Janssen

1. Roll Call and Agenda Review

Name              Status
----              ------
Anil Saldhana     Member
David Kern        Member
Gershon Janssen   Member
Matthew Rutkowski Member
Roger Bass        Member
Dominique Nguyen  Member
Cathy Tilton      Member
Rich Furr         Member


8 people joined the meeting.

This meeting quorates.

Member status status changes:

Lost voting rights:

Gained voting rights:

Now: 11 voting members in TC.

2. Approval of Minutes

- 23 Jan 2012 Meeting: 

Dominique Nguyen moves to approve the 23/Jan minutes.  Roger seconds. No discussion; motion carries.

3. Use Case Document

* Public Review Status

- Matt put forward a request to the TC-admin; hopefully it gets published this week.
- 15-day review; after the 15-day review, working on received comments, etc.
we can formalize the Use Case document.

- Question: will there be an HTML version available?

- Word version is the proper document; HTML will be created though will not be the master version.
- referencing from other docs, though, should be the PDF rather than the HTML.

4. Gap Analysis Document

- Talks to group through revision 1a of the gap analysis document and progress made during the informal gap analysis calls.
- Process currently is to perform a coarse gap analysis for all use cases.
First step is to identify standards only / identify relevant standards to all use cases
- Ask input on the following:

   - list of standards in chapter 2 of the document: split out in available versions of standards? e.g. oAuth 1.0 oAuth 2.0

   - Split out in various separate parts? e.g. OpenID consists of OpenID Authentication 2.0 (txt), OpenID Attribute Exchange 1.0 (txt), OpenID Provider Authentication Policy Extension 1.0 (txt), OpenID 

Authentication 1.1 (txt), OpenID Simple Registration Extension 1.0 (txt) and Yadis Discovery Protocol (Developed separately from OpenID, though used in 2.0).

   - Categorization for standards; what normalization to use?

- Breaking it down by versions seems needed; e.g. oAuth 1.1 versus oAuth 2.0
- Also when talking about frameworks of standards, such as OpenID connect, we need to break it down in order to know what we are talking about.
- About categorization of standards, consider using the already existing use case categorization.
  o this might be difficult with framework standards such as OpenID Connect

- Trust between standards seems an important topic for us.
- OASIS EICTEM is also looking at this.
- Ask trust elevation TC to explain to us what they know and maybe help us with some frameworks, etc. for our benefit? Trust levels / definitions / gaps in with respect to trust; what framework do we analyse 

- AI for Matt: to post document to their list to ask for guidance on trust frameworks or pointers

- trust elevation TC is at the use case gathering stage.
- currently talking about the 4-levels of trust (NIST definition).
- they were also looking at the ISO version, which is broader than the NIST version.

- There is a gap in understanding AuthN/AuthZ; any form of clearity is likely to be invaluable.

- Can we track back to initial submitters / owners of the use cases? Maybe we can ask them for their first take at the gap analysis to spur the inital discussion

Next meeting on GAP analysis on upcoming Thursday.

5. Conferences

Conferences coming up:
- Gershon going to attend the EIC2012

6. Other Business

No other business.

7. Adjourn

Meeting adjourned.

To unsubscribe, e-mail: id-cloud-unsubscribe@lists.oasis-open.org
For additional commands, e-mail: id-cloud-help@lists.oasis-open.org

This message w/attachments (message) is intended solely for the use of the intended recipient(s) and may contain information that is privileged, confidential or proprietary. If you are not an intended recipient, please notify the sender, and then please delete and destroy all copies and attachments, and be advised that any review or dissemination of, or the taking of any action in reliance on, the information contained in or attached to this message is prohibited. 
Unless specifically indicated, this message is not an offer to sell or a solicitation of any investment products or other financial product or service, an official confirmation of any transaction, or an official statement of Sender. Subject to applicable law, Sender may intercept, monitor, review and retain e-communications (EC) traveling through its networks/systems and may produce any such EC to regulators, law enforcement, in litigation and as required by law. 
The laws of the country of each sender/recipient may impact the handling of EC, and EC may be archived, supervised and produced in countries other than the country in which you are located. This message cannot be guaranteed to be secure or free of errors or viruses. 

References to "Sender" are references to any subsidiary of Bank of America Corporation. Securities and Insurance Products: * Are Not FDIC Insured * Are Not Bank Guaranteed * May Lose Value * Are Not a Bank Deposit * Are Not a Condition to Any Banking Service or Activity * Are Not Insured by Any Federal Government Agency. Attachments that are part of this EC may have additional important disclosures and disclaimers, which you should read. This message is subject to terms available at the following link: 
http://www.bankofamerica.com/emaildisclaimer. By messaging with Sender you consent to the foregoing.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]