security-services message

Subject: Re: minutes of SSTC/Focus 12 June 2001 telecon

[apologies for getting these out so late - I didn't have complete info from all
the notes takers until fri eve and then I didn't get an opportunity to work on
it this weekend.]

minutes of SSTC/Focus 12 June 2001 telecon

- Membership report: new/removed members (Heather)
see below

- Roll call (Heather)
see below

- Approval of minutes for the last telecon:

   with corrections from Irving Reid:


- Consideration of new standing rule that allows co-chairs

We need to adopt a new standing rule to allow for co-chairs. There is nothing in
the OASIS by-laws that allows/denies this.

   Eve's candidate wording:

   "The SSTC shall allow for election of up to two TC chairs who share
   chairing responsibilities as they see fit.  In this case, one of the
   two co-chairs shall take primary responsibility for communicating
   with OASIS staff."

Motion to accept wording as amended.

   "The SSTC shall allow for election of up to two TC chairs who share
   chairing responsibilities as they see fit.  In this case, one of the
   two co-chairs shall take primary responsibility for communicating
   with OASIS staff. This person will be designated as the 'Administrative

No objections, no abstentions, no debate. Motion passed.

- Decision on how to choose nominees for chair (who will be Focus chair

   Eve's suggestion:

   "Take nominations from the floor, as for motions; require a second."
Motion to do so accepted, no debate, no objections, no abstentions

- Nominations and voting for new chair; handover

Discussion of how to vote.

First, agreement required on having 2 chairs (motion: to choose two
co-chairs and to choose top two vote getters as co-chairs - passed)

 Joe Pato - moved by Jeff H, seconded Prateek
 Prateek Mishra - moved Krishna, seconded by Phil HB
 Jeff Hodges - moved Marlena, seconded Joe Pato

Each of the nominators gave short justification of their candidacy

Vote: Joe - 27, Prateek - 11, Jeff - 30

Congratulations to Joe and Jeff and many thanks to Prateek for volunteering
Jeff will act as "administrative co-chair" for now (may revise when Joe has
more time later in August)

- Approval of/additions to this agenda


ACTION items
ACTION: Bob Blakley to develop and circulate a Word template for all
specification contributors to use.
- Target date 1 June

  Will do today (12 June)

ACTION: Bob Blakley to propose simplified assertion data structures based
on Phill's new document.
- Target date 1 June

  This is already happening, Bob absolved

ACTION: Prateek to do traceability review before the next TC telecon.

  Wait till things settle down and then review later

ACTION: Jeff Hodges to update the Glossary to reflect F2F #2 decisions.
- Target date 12 June 01

  Not done. Jeff to talk with Bob on how to do this (offline)

ACTION: Eve to create master bibliography and provide bibliography section
for document guidelines.
- Target date 5 June 01

  Not done yet - Eve anticipates more time now and will have new target date
of June 15

ACTION: Subgroup leaders to get new materials to BobB (and security-
editors list) by COB June 14 in preparation for publishing the F2F
versions of the spec.

  no "action" required from group; Bob would like f2f-inclusion materials to
be marked as such in the email header (allows Bob to more easily search
email). Please mail to security editors as well as overall list

ACTION: Marlena to champion DS-1-02, Anonymity Technique, and confer with
BobB and Phill.

  Marlena has sent out email but has not heard anything. Is waiting for more
clarification on Assertions topic before pushing for this item.

ACTION: Prateek to champion DS-3-03, ValidityDependsUpon.

  Prateek is working on this, trying to clarify notion around
dependencies/relationships between assertions (subject component of an
assertion being itself an assert, as well as auditing type assertions).
Prateek hopes to have something in the next couple of days.

ACTION: Dave to champion DS-4-01, Top or Bottom Typing.

  Still needs to be discussed

ACTION: Jeff to champion DS-4-02, XML Terminology, aka Messages and

  On to-do list

ACTION: Tim and Dave to brainstorm further on how to proceed with DS-4-03,
Assertion Request Template.

  Dave is starting to generate instances of queries and trying to write these
in his proposed syntax.

F2F #3
- Meeting page

  Does contain hotel info, Eve will maintain the meeting page, if J&J notify
  Eve with agenda info. J&J to talk to Eve offline

- Evite status

  Please respond if you have not already done so - we do not yet have quorum
and need to find out what is happening (real meeting or focus meeting)

- Goals for this F2F:
    . Review and approve as much of the design as possible
    . Assess plans for implementation and conformance
    . Figure out the end-game schedule

Subcommittee reports
- Issues list (Hal)

Hal went thru the recent changes in the issues list and color schemes.

- Focus (Eve for now)

Had an interesting meeting last week. Uncovered
misunderstandings of assertions vs. claims. Maybe we will use atoms,
molecules instead of assertions/claims. There is no TC recommendation yet.
The assertions structure is still fluid.

- Bindings (Prateek)

There are three issues which the group wanted to raise:
Terminology, Use of public registry and subject attributes to a SOAP
payload. The issues would be added to the issues list.

- Conformance (Krishna)

Had sent the conformance clause to the list. Wanted
comments and ideas from the TC. At f2f we will have the conformance clause
document and also the conformance program document to review and discuss.

- Considerations (Jeff)

They have pointed to applicable material (e.g. from Shibboleth and IETF 
guidelines), but haven't done too much else yet.  There's a fair amount of 
analysis that needs to be done.  Jeff may need to hand over some or all of 
this work; Hal may be able to help.

- Sessions (Hal)

Pretty inactive lately; Dave has been working on assertion structures 
instead.  Hal will take up the most recent action item on session issues.

- Pass-through (Stephen)

No info.

Liaison reports
XKMS, XML Encryption, XML Protocol, BEEP, Shibboleth, DSML, XACML...

XACML: Hal has been doing some championing of the potential uses of XACML 
in SAML.  Everyone should read that thread.

Technical issues to discuss/approve
None; use this time to get agreement on how to proceed with assertion

Open mike (new issues)

Three new issues arose in our discussion of the binding group's work.

(Next meeting: 19 June 2001 Focus telecon; +1 334 262 0740 participant 
code #856956)


Focus subcommittee agenda
- Latest issues list:
- Core assertions structure/completeness work

Dave's review of his latest proposal:

First diagram is recursive top-typed assertions.  Molecules can contain 
other molecules.  Second diagram is three-level top-typed assertions.  This 
uses compounds, molecules, and atoms distinctly.  Third diagram is Phill's 
core-07 model.

He prefers the recursive structure; reusing the same structure at different 
levels is appealing.  He'd like us to talk about that.

Eve's review of her latest proposal:

It looks somewhat like Dave's second diagram, but is less specific about 
XML type hierarchies.  Regarding process: She'd like to see us ensure that 
we are confident about our list of items to cover in the XML 
representation, and then work on their configuration, and only then worry 
about naming (basically a top-down approach).

Dave commented that our approach to querying will have a moderate impact on 
the kind of assertion language we design.

How does the stuff in core-07 relate to Tim's protocol writeup?  There 
seems to be somewhat of a disconnect.  Tim suggested that the first 
priority is whether to reuse an existing query language.  Dave spoke in 
favor of XML Query (loosely typed) rather than a SAML-specific (strongly 
typed) method.

BobB asked: If you have a notion of recursive assertions, what do you 
request in order to get that back as a response?  Dave suggested that this 
be added to Tim's other scenarios.

Eve asked when you ever need a true query, as opposed to merely a 
confirmation that (e.g.) a particular authorization assertion is true.  How 
many questions do we really need to ask of SAML authorities?  When do you 
cross the line into querying a policy store?  Gil: This may be an issue of 
performance and scalability.

Dave: There are three approaches:

- (Eve) Lock down the specific list of requests
- (Phill) Middle ground, strongly typed queries
- (Dave) Lots of expressiveness, weakly typed queries

BobB: The more extensible it is, the more non-understandable forms are 
possible, sometimes causing interoperability issues.  Gil: Some 
"well-formed" queries may be unanswerable by a particular authority.  Dave: 
So precisely where do we want to allow extensibility when it comes to 
requests and queries?

Jeff's summary:

- Some of the information in table #1 of protocols-00 answers the questions 
Eve raised.

- Are we designing our own query language, or are we intending to profile 
XML Query, or do we really need "queries" for our SAML requests?

- There's a question about whether schemas for assertions are related to 
schemas for queries/requests.  We need to design the atoms in order to get 
guidance on the higher levels.

ACTION: Dave and Eve will try to combine and flesh out their assertion 
proposals for the purposes of the F2F version of the spec, and check with 
Phill to see if he wants to move forward with that or propose a core-08 
alternative.  Whatever proposals are available will be put into the 
assertion chapter of the spec.

