[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Draft minutes of F2F #2; your review, please
You're receiving this either because you contributed to the F2F #2 minutes or because you have an ACTION item or some other reason to look at the text carefully. I'm hoping to get these out AS SOON AS I hear from you! Please review ASAP and let me know: - Can you recall/explain the MOTION we entertained that is indicated below with ????'s in front of it? I can't recall enough detail to turn the result into an ACTION. - Other than that item, is the text accurate and complete enough to serve as an official record? - Did I capture all the ACTION items? - If you contributed raw minutes, is it okay if I attach them to my posting of the official version, so others can benefit from them? Thanks! Eve * * * Minutes of OASIS Security Services Technical Committee F2F #2 18-19 April 2001 Thanks to Gavenraj Sodhi, Kelly Emo, and Gil Pilz for contributing to these minutes! I have attached their raw notes, which contain blow-by- blow descriptions of the proceedings. Below I focus on the high points, straw polls, votes, and action items as an official record. Administrative ============== - Roll call Attendance list and membership status update appear at the end of these minutes. Quorum reached. - Approval of minutes for the last telecon: http://lists.oasis-open.org/archives/security- services/200104/msg00005.html Approved. - Approval of/additions to this agenda Approved. Use Case and Requirements subgroup report ========================================= Darren Platt reviewed the requirements document and the status of the outstanding issues. Of 60 issues, 32 reached consensus (specially defined for that subgroup to mean 75% positive votes). Several proposed scenarios (such as all the ebXML-related ones) did not make the cut, in some cases because they were too detailed. There is interest in reworking and resubmitting some of these [we used the open mike session to list "live" issues]. Hal Lockhart presented the latest producer/consumer model. The TC noted that the session part of the model was relatively unconnected to the rest, and there were questions raised about what Credentials Assertions contain. These areas of the model are in flux because of pending decisions that we hope to take at this meeting [which we ultimately did]. Core Assertions/Protocols subgroup report ========================================= Phill Hallam-Baker presented the beginnings of the assertion design work. He noted that the subject/action/object structure was RDF-like. Some questions were raised about whether specific pieces (such as the Conditions element) satisfied specific requirements; in the case of Conditions, Phill said it met the extensibility requirement. The TC discussed the need to have XML-vocabulary versioning information in assertions somehow; Eve mentioned current thinking among XML wonks on how to do this. The TC discussed issues with allowing references to be indexical (defined by context) instead of nominative (explicitly naming the referent in some fashion); this was summarized as the difference between "dumb tokens and smart protocols" vs. "smart tokens and dumb protocols." Some people mentioned a concern that the design is overly PKI-centric. Carlisle Adams, presenting for Tim Moses, covered the Protocol section with an eye towards spelling out the assumptions in it; those that elicited significant discussion are highlighted here. One assumption: that the AuthZ Decision Assertion is effectively eliminated because a binary "yes" vs. "no" could be conveyed by parroting back the question that was asked. Several people were concerned that this eliminates "really dumb PEPs" as a possibility. Another assumption: that the schema presented in this section is just a guideline for the bindings work. This touched off a discussion about "enveloped" vs. "enveloping" SAML messages and expectations about whether the SAML schemas will be normative; there is a definite desire to be normative wherever possible. There's some trickiness around parts of SAML messages that a particular binding pulls "out of band"; we wouldn't want the XML field to be truly optional, but rather switchable somehow per binding. Finally, the Protocol section outlined a method for forming SAML queries that is template-based. This seemed to find favor with several people. Editorial report ================ Bob Blakley described how he produced the SAML specification draft, requirements document, and issues list document. He exhorted contributors to adhere strictly to the document guidelines, to use vanilla Word styles, and to supply PowerPoint versions of graphics. Bindings subgroup report ======================== Prateek Mishra presented the current status. They intend to define two kinds of bindings, assertion bindings and service bindings. It also intends to develop a framework for describing and registering proposed bindings; the TC had some issues with this, suggesting that this would make the dependencies with other efforts run the wrong way and that our bindings should be normative wherever possible. The subgroup has contributed some requirements to the requirements document. We discussed some of the constraints imposed by the web browser/SSO use case, such as small cookie sizes (for intranet use) and the need to cram everything onto a URL line (for cross-domain use). It was suggested that a set of "use case scenarios" that cross all our intended bindings (while keeping the other details as identical as possible) would be useful. Jeff Hodges spoke briefly on BEEP (RFC 3080 and 3081), which is essentially a framework for application protocols. Conformance subgroup report =========================== Bob Griffin presented the current status for Krishna Sankar. This subgroup is just getting started. They plan to review the SAML spec for clarity of normative vs. non-normative material, to document conformance guidelines, to develop (or possibly just coordinate the development) of a conformance suite, and to work with other efforts to promote interoperability and adoption. The TC commented that interoperability is the ultimate desire of all, so "conformance" without this wouldn't be too helpful. While having too many options would harm interoperability, several ideas were raised for levels/types of conformance we might have to have: for each type of authority, for each type of binding (possibly with a "floor" of required bindings), and for assertions vs. the protocol/binding aspects of SAML. Open Mike Session and Issues Resolution ======================================= MOTION: Should the TC enter into a committee of the whole to do the open mike session? PASSES 30-0. The TC held an "open microphone" session, in which everyone had a chance to speak for five minutes and raise as many issues as they wanted. We agreed in principle that any still-open issue in the Use Case and Requirements issues list *not* raised during this session would be considered to be closed, so that we could gain consensus on the requirements document during the F2F. The issues were recorded, and in the recess between meeting days, the group leaders categorized them. Highlights included: - Much support for defining a very simple design and *then* optimizing it (DarkNightOfTheSoul aka SimplifyFirst) - A need for "design traceability" back to requirements - Many people weighing in on the session question, e.g. signon being not interesting enough if signoff isn't also included - People raising issues with the amount of cross-communication among the subgroups MOTION: (ShouldWeDoSAML) Should we continue to do the work of the OASIS TC to define the SAML specification? PASSES 30-0 (with 1 abstention). MOTION: (TCStructure) Should we dissolve the Use Cases and Requirements subgroup and the Core Assertions/Protocols subgroup and in their place have a "Focus" subgroup that tackles the remaining issues and work in this area, with the TC in more of an oversight role? PASSES 26-3 (with 1 abstention). MOTION: Should the TC accept the requirements document, except for issues raised during the open mike session? PASSES 30-0. The TC extensively discussed the various issues related to sessions (including login, logout, timein, and timeout). The notion of a session is baked into the validity interval idea, but some were advocating "rich" or "dynamic" sessions, where significant session state is stored. Others felt that some aspects of this design problem presented significant schedule risk. Phill Hallam-Baker presented a strawman design that would allow "pull" timeout, but not "push" timeout. We did some straw polls to determine the sense of the body. STRAW POLL (1->5): On a scale from 1 to 5, how comfortable are you with the statement "We must finish by about September"? 1 2 3 4 5 1 0 6 1 10 STRAW POLL (1->5): On a scale from 1 to 5, how comfortable are you with the statement "If we fail to solve logout, then solving just login is acceptable"? 1 2 3 4 5 4 5 2 1 14 STRAW POLL (Quaker): Out of the following choices, which *one* do you prefer most? Which (one or more) can you live with? 1. Finish assertions and transport (protocol and bindings) work only by the September timeframe. Do no prep work to ensure that sessions will work with SAML 1.0. 2. #1 plus do the prep work to ensure that sessions will not be precluded from working with SAML later; commit to doing login and logout design "next" after 1.0. 3. #2 plus include a design for login, and do the prep work to ensure that logout, timein, and timeout will not be precluded from working with SAML later; commit to doing these other pieces "next" after 1.0. 3.5. #3 plus include a design for timein; accept the increased schedule risk. 4. Finish the design for assertions, transport, and full session support and plan on finishing later than September. Prefer Live with 1 0 11 2 4 22 3 18 23 3.5 2 12 4 2 9 MOTION: Should we accept option #3? PASSES 25-5. Jeremy Epstein stepped down as Security and Privacy Considerations subgroup chair, replaced by Jeff Hodges. The TC agreed that the new Focus subgroup would meet on the weeks that the TC is not meeting, for two hours. Eve Maler agreed to act as Focus chair. ????MOTION: Should we accept the Use Case report and direct the editors to insert appropriate non-goal language? PASSES 26-0 (with 4 abstentions). The TC discussed the Architectural chapter in detail and collected comments for the editors: Static model requests: - If possible, separate out into two diagrams, one for containment and one for other relationships. (See Bob Blakley with questions.) - Fill in the rest of the cardinalities and make sure that every edge is labeled. - Update terminology in diagram. - Add prose explaining that the term "user" stands in for additional examples that are not human, including parties and processes. - Remove the abridged glossary. Producer/consumer model requests: - Remove the credential collection stuff entirely. MOTION: Should we avoid "target" (except as a regular English word) and "system resource" and use simply the word "resource"? PASSES by unanimous consent. The TC discussed the Glossary and collected comments for the editor: - Make appropriate changes to "target", "system resource", and "resource". - Try using/defining "validation of binding" to mean authentication of the binding of an assertion to a request. Consider a note saying to avoid the term "authenticator." - Define single sign-on (possibly as a marketing term conveying a user experience). Define login, logout, timein, keep alive, and timeout. - Define "session" and "rich session." Summary of ACTIONS taken ======================== ACTION: All F2F #2 presenters to send their slides to Eve Maler. ACTION: Eve Maler to stop the security-use and security-core lists but keep the archives. [DONE] ACTION: Eve Maler to effect changes to security-consider and security- leaders lists. [DONE] ACTION: Eve Maler to set up regular Focus subgroup telecons. [DONE] ACTION: Eve Maler to get Sessions subgroup chairmanship initialized. [DONE] ACTION: Eve Maler to update the group, meeting, and membership pages with changes as necessary. ACTION: Bob Blakley to develop and circulate a Word template for all specification contributors to use. ACTION: Bob Blakley to work with Phill Hallam-Baker to develop the simplified architectural model and coordinate it with the proposed Core Assertions design. ACTION: Bob Griffin to attempt to map the proposed Core Assertions design to our requirements. ACTION: Eve Maler to give open mike issues to Hal Lockhart. [DONE] ACTION: Hal Lockhart to take over maintenance of the issues list and add the open mike issues, ideally with publication of the revised list before the next official TC meeting. ACTION: Hal Lockhart and Dave Orchard to update the Architectural chapter as indicated above. ACTION: Jeff Hodges to update the Glossary as indicated above. ACTION: Darren Platt to update the requirements document to reflect F2F #2 decisions and publish as a consensus draft ASAP. Attendance and membership report ================================ Lost membership as a result of missing this meeting: Michah Lerner AT&T New members as of the end of this meeting: Valerie Beaubien Netegrity Gavenraj Sodhi Access360 Voting members who attended this meeting: Bill Perry Aventail Irving Reid Baltimore Ken Yagen CrossLogix Brian Eisenburg DataChannel Hal Lockhart Entegrity Fred Moses Entitlenet Carlisle Adams Entrust Alex Berson Entrust Robert Griffin Entrust Joe Pato HP Maryann Hondo IBM Kelly Emo Jamcracker David Orchard Jamcracker Gilbert Pilz Jamcracker Alan Brown Microsoft Marc Chanliau Netegrity Prateek Mishra Netegrity Jeff Hodges Oblix Charles Knouse Oblix Michael Lyons OpenNetwork Mark Griesi OpenNetwork Evan Prodromou Outlook Darren Platt Securant Eve Maler Sun Ron Monzillo Sun Bob Blakley Tivoli Marlena Erdos Tivoli Bob Morgan UWashington Phillip Hallam-Baker Verisign Jeremy Epstein webMethods Others who attended this meeting: Gavenraj Sodhi Access360 (prospective member) Bill Pope Bowstreet (prospective member) Steven Carmody BrownU (observer) Sekhar Vajjhala Sun (observer) -- Eve Maler +1 781 442 3190 Sun Microsystems XML Technology Development eve.maler @ east.sun.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC