Agenda for SSTC/Focus 15 May 2001 telecon

["Eve L. Maler" <eve.maler@east.sun.com>]

Meeting date: Tuesday, 15 May 2000
Meeting time ( see also http://www.timezoneconverter.com ):

         (TC meeting ~first hour; Focus meeting ~second hour)
         Europe/Dublin  5-7pm
         US/Eastern     12noon-2pm
         US/Central     11am-1pm
         US/Pacific     9am-11am

Call-in information (good through 17 July):
         Call-in number: (334) 262-0740
         Participant code #856956


Administrative
==============
- Membership report: new/removed members (Heather)
- Roll call (Heather)
- Approval of minutes for F2F #2:
   http://lists.oasis-open.org/archives/security-services/200105/msg00006.html
- Approval of minutes for the last telecon:
   http://lists.oasis-open.org/archives/security-services/200105/msg00040.html
- Approval of/additions to this agenda


Review the running list of open ACTION items
============================================
ACTION: Bob Blakley to develop and circulate a Word template for all
specification contributors to use.

ACTION: Bob Blakley to work with Phill Hallam-Baker to develop the
simplified architectural model and coordinate it with the proposed
Core Assertions design.

ACTION: Bob Griffin to attempt to map the proposed Core Assertions
design to our requirements.  To be done by 11 May.

ACTION: Hal Lockhart to publish a fresh issues list.  To be done by 8 May.

ACTION: Hal Lockhart and Dave Orchard to update the Architectural
chapter to reflect F2F #2 decisions.  Hal to update his picture
today.  Dave O to update whole chapter by 11 May.

ACTION: Jeff Hodges to update the Glossary to reflect F2F #2 decisions.  To
be done by 11 May.

ACTION: Darren Platt to update the requirements document to reflect F2F
#2 decisions and publish as a consensus draft ASAP.


Review plans for F2F #3
=======================
- Evite poll results
- If we don't reach quorum, is a Focus subcommittee meeting acceptable?
- Goals for this F2F:
     . Review and approve as much of the design as possible
     . Assess plans for implementation and conformance
     . Figure out the end-game schedule


Subcommittee reports
====================
- Focus (Eve)
- Sessions (Hal)
- Bindings (Prateek)
- Conformance (Tim)
- Considerations (Jeff)


Liaison reports
===============
...


Technical issues to discuss/approve
===================================
- Focus subcommittee recommendations:
   http://lists.oasis-open.org/archives/security-services/200105/msg00051.html

   . "We recommend that the TC authorize a subgroup/task force to
     evaluate a suitable pass-through authN solution for eventual
     inclusion in V.next of SAML. If the TC likes the design once it
     is presented, it may choose to open up its scope to once again
     include pass-through authN in V1.0. Stephen is willing to champion
     this."

   . "Direct the editor of the requirements document to indicate that
      we desire a design where signatures and encryption are optional."


Open mike (new issues)
======================
...


**Adjourn**


Focus subcommittee agenda
=========================
The following list is from Hal, our issues list maintainer.  Please see 
recent discussion on security-services and Phill's new version of the core 
assertions draft:

   http://www.oasis-open.org/committees/security/docs/draft-sstc-core-06.pdf

- XMLAssertionGenerality (aka "top vs. bottom")

- Enveloped and Enveloping (and Detached)
   Open - recommend discussion in context e.g. Prateek's thread re: "binding"

- Wildcarded Resources
   Open

- NoPolicyAssertions
   Open - do we really want to debate this?

- OptionalSigAndEncryption
   Open - What's the alternative? None? Mandatory?

- R-Reference
- R-Extensible
   Open - suggest discussion in context

- StrengthenAddDeleteMod
- UC-2-01:AddPolicyAssertions
   Open

- UC-2-05: Emarketplace Use Case
   Open - Ballot 7-4

- UC-9-01:RuntimePrivacy
- UC-9-02:PrivacyStatement
   Open

- SAMLVersions
   Agreed SAML will have version # in header, technical means no settled

- CertsVsPasswords
   Open - consensus = support both?

- PropagateIDAssertions
   Open - We want to be able to propagate identity assertions, and to
   propagate privileges into other environments. Bob Griffin


- UC-1-05:FirstContact
   Open - ballot 6-3 Issue seems to be not whether to allow, but whether
   to call out specifically

- PassportHailstorm
   Open

- SubjectDefinition
   Open - being discussed on list

- ObjectDefinition
   Open

- XMLEncoding
   Open

- URIsForAssertionIDs
   Open
--
Eve Maler                                             +1 781 442 3190
Sun Microsystems XML Technology Development  eve.maler @ east.sun.com