OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Subject: Minutes of SSTC/Focus 24 July 2001 telecon


[mucho gracias to Heather for taking the minutes! Apologies for getting them
issued to the list rather late. JeffH]

> Administrative
> ==============
> - Membership report: new/removed members (Heather)
> 
> - Roll call (Heather)
>   - quorum?

Yes.
     Attendance Roll is at end of minutes 
 


> - Minutes-takers??
     Heather for as long as possible 

> 
> - Approval of/additions to this agenda

none

> 
> ACTION items
> ============
> 
> ACTION: Bob Blakley to develop and circulate a Word template for all
> specification contributors to use.
> 
> Done by Gil Pilz.
> 
> ------
> ACTION: Prateek to do traceability review before the next TC telecon.
> - definitely in wait-state, gated by consensus draft from F2F #3.


Sent out Monday July 23 by Prateek; two valid schema doco plus 
discussion documents on traceability with reference to white 
board minutes/picture from F2F 3. There is more to come, so this 
action item is still open 

> ------
> ACTION: Eve to create master bibliography and provide bibliography section
> for document guidelines.
> - In wait-state. Eve has sent to JeffH draft bib section guidelines for
> comment,
> otherwise this is in wait-state as she's on vacation for much of Jul.
> 
> JeffH will try to do by 10-Aug.
> 
> ------
> ACTION: Marlena to champion DS-1-02, Anonymity Technique, and confer with
> BobB and Phill.
> - In progress. Marlena has initiated thread(s) on the list wherein this is
> discussed explicitly, in terms of an "opaque identifier". Please read the
> thread & provide feedback.

Marlena is on vacation, but threads are available on list, 
please read and provide feedback 


> ------
> ACTION: Prateek to champion DS-3-03, ValidityDependsUpon.
> - In wait-state. Will be another couple of weeks to get out doc discussing the
> overall set of issues here.


Still in wait state, but about to be taken up as F2F consensus 
is nearing closure 


> ------
> ACTION: Jeff to champion DS-4-02, XML Terminology, aka Messages and
> Packaging.
> - in queue.
> 
> ------
> ACTION: Hal to take Jeff's work on classification and composition of
> identifiers
> and "take it a step further".
> - In queue after Issues list update.

Really only 3 categories: identifiers that are globally unique, 
part of a domain and part of an enumerated list (enumerated 
lists are in context of authentication types). Implied item is 
issues list update (to be done today, see later in meeting) 
 


> ------
> ACTION: Tim Moses to call out some details from draft-sstc-protocols-00 in the
> context of the revival of ISSUE:[UC-1-05:FirstContact]
> see:
> http://www.oasis-open.org/committees/security/docs/draft-sstc-protocols-00.pdf
> 
> This item was brought up in the 10-Jul SSTC/Focus meeting, in the "Open mike"
> section, entitled "Prateek: revival of (ISSUE:[UC-1-05:FirstContact])"; see..
> http://lists.oasis-open.org/archives/security-services/200107/msg00049.html
> 
> - in wait-state.

Tim will get this done by the end of the week and will send 
stuff to the list 



> ------
> ACTION: Dave Orchard, Phillip Hallam-Baker, Chris McLaren, and Prateek Mishra
> to produce a "consensus draft", which will be draft-sstc-core-10, incorporating
> results of F2F #3 discussions as documented in F2F #3 minutes
> (http://www.oasis-open.org/committees/security/minutes/SSTC-F2F-3-Minutes-00.txt)
> - outlook deadline from last meeting was given as Friday, July 20
> 
> schema & discussion docs were issued 23-Jul-2001 in this message...
> 
> http://lists.oasis-open.org/archives/security-services/200107/msg00090.html
> 
> ..as this agenda was being composed. draft-sstc-core-10 is still needed it
> seems.



draft-sstc-core-10 hit the list on Monday July 23. Discussion 
postponed until  open mike section below. 
 


> ------
> ACTION: Hal to comb thru core-10 post issuance and identify those issues that
> he
> feels it addresses (as a way to try cull the open issues in the Issues doc).
> see:
> http://www.oasis-open.org/committees/security/docs/draft-sstc-saml-issues-04.pdf

Not enough time for Hal to have done this, item remains open 
 

> ------
> ACTION: JeffH to solicit the list for input on the abaove F2F #4 options.
> 
> In-progress.

Please see the Evite polls and respond as soon as 
possible. 



> 
> Subcommittee reports
> ====================
> - Issues list (Hal)

Will have new list today (July 24) 

> - Focus (Jeff for now)

working on Core-10, more later in agenda 

> - Bindings (Prateek)

Cancelled last week's call due to draft schema and consensus; 
nothing new.

There is a fair amount of detailed discussion on bindings list 
and security services list -- please read threads and provide 
feedback. 

Bindings and profile work has been designed such that people can 
submit documents that call out bindings/profiles of interest. 
Need to discuss how to perpetuate documents and receive new 
documents -- will eventually need to discuss how to do 
this "procedurally" 
 

> - Conformance (Robert Griffin)

Working on test cases, hope to get them out this week. There 
will be a con call next week 

> - Considerations (Jeff for now)

Chris McLaren, Don Flinn and Prateek will be helping on this. 
Some/much bindings dicussion is directly applicable. Hope to get 
stuff started before Aug 10. Jeff will initiate a thread on the 
list to get stuff going. 

> - Sessions (Hal)

othing new to report 

> - Pass-through (Stephen)

Pass -- Stephen not on call 
 


> 
> Liaison reports
> ===============
> XKMS, XML Encryption, XML Protocol, BEEP, Shibboleth, DSML, XACML...

SML (Gavenraj) -
                - F2F was last week at Austin Open Group. Will 
be looking at Microsoft proposal. Would like SAML to look at 
relationship. DSML v 2.0 is to be completed in 3 months 
 
XKMS (Joe) -
           - Kick off workshop last week, likely to become W3C 
activity, first F2F as a formal activity likely to be in October 
 
Shibboleth (Bob M) -
                   - Current designs and requirements on Web 
browser case are trying to come into alignment with SAML. 
 
XACML (Jeff) -
             - F2F last week, trying to determine problem space, 
no real decisions/results. Need to clearly define what a policy 
model will look like and accomplish. Ken Y has posted draft 
minutes to XACML list. 


> Doc Editor/Repository report
> ============================
> 
> Are there some docs that were sent only to Security-services that need to go
> into the Doc repository? Please re-send to security-editors.

no discussion.


> F2F #3 Minutes approval
> =======================
> 
> The minutes of the SSTC F2F #3 meeting, which was essentially an informal
> Focus group meeting due to lack of official F2F #3 quorum are here..
> 
>   Minutes of OASIS Security Services Technical Committee F2F #3
> 
> http://www.oasis-open.org/committees/security/minutes/SSTC-F2F-3-Minutes-00.txt
> 
> Are there additions/corrections to these minutes?
> 
> Is there a motion to approve the minutes from F2F #3 and accept the
> decisions and issues therein as being decisions and issues formally of
> the SSTC?
> 
> [If folks subsequently come up with corrections/additions to the approved
> minutes, the minutes can be ammended at a future SSTC meeting (telecon or
> F2F), so we shouldn't necessarily let that concern balk us.]


MOTION: Bob B moves that we accept the minutes with the two corrections 
from Hal; Prateek seconds the motion.  
 
No debate, no objections, minutes approved.


> SAML-related talks at 2002 RSA Conference
> =========================================
> 
> What all did folks submit as paper/panel proposals for RSA 2002?


No comments; please solicit feedback from the list if there are 
any proposals that are accepted 


> Open mike (new issues)
> ======================
> 

Issue: Core-10 
Chris M and Prateek published 4 documents on Monday July 23: 2 
schema docs that represent the consensus from F2F #3. They have 
been extensively reviewed by David O and Phill H-B. Draft schema 
assertion and draft schema protocol; they are valid, assumptions 
are called out 
In addition, a pair of non-normative documents were published; 
schema discussions to justify design. They call out 21 
identified issues, including a trace back to published F2F3 
minutes. Attempt to characterize assumptions in design and open 
issues. (note Jeff identified 37 issues in F2F 3 minutes; there 
must be some cross-over there). Issues in these documents are
cross-reference to issues in F2F 3 minutes (as much as is 
possible) 

Phill has issued comments, Prateek is concerned that these 
comments/changes to the schema make things more complicated.  
Is there consensus between Chris, Prateek and Phill that doco is 
consensus schema.

Phill's changes were to bring doco in line 
with what he thought we were doing -
                                   - he is still a bit confused 
on what will be an element and what will be an sub-type and how 
substitition types will work.  

Is this a syntactic issue or a substantive issue?  

If syntactic, lets revisit Phill’s document. 
Chris -
      - issue is what is form of final document 
 
Schema that came out assumes substitution -
                                          - should we call this 
out as an issue? 


> Adjourn
> =======
> (Next Focus subgroup meeting: 31-Jul-2001 telecon; +1 334 262 0740 participant
> code #856956
> Next official SSTC meeting: 7-Aug-2001 telecon; +1 334 262 0740 participant
> code #856956)


SSTC meeting officially adjourned. disucssion of core-10 to be carried out in
immediately following Focus subgroup discussion. 


> ===========================================================================
> Focus subcommittee agenda
> =========================
> 
> Do folks have initial questions about this set of docs, based upon the F2F #3
> consensus, issued 23-Jul-2001 in this message...
> 
> http://lists.oasis-open.org/archives/security-services/200107/msg00090.html
> 
> ?
> 
> How is progress on core-10 itself progressing?
> 
> How to proceed? Nominally, we need TC-wide, detailed, review and comment on
> these docs (including a putative core-10).


Prateek -
                         - this is exactly the type of 
discussion that is included in Prateek’s discussion documents. 
This is an issue that is appropriate for discussion. TC 
collectively needs to address this issue. 
Task from F2F3 was to produce consensus core-10 doco based on 
f2f discussions; it is not clear that this has happened.  


There is stuff in present core 9 and 10 docs that perhaps isn’t 
in discussion docs.

ACTION: Phill, Prateek, Chris, and Dave (although Dave is on vacation)
to create core 11 (including stuff from the discussion docs 
described above and Phill's comments) that Prateek, Chris, David 
and Phill can agree upon amongst themselves. 

Prateek would like aggressive time line; will attempt for next 
(July 31) focus subcommittee. 

 

no further discussion.

Adjourn.

======================
Attendance Role
======================


SSTC Meeting 
Attendance: Voting Members 
Gavenraj  Sodhi     Access360 
Irving    Reid Baltimore 
Mack HicksBank of America 
Krishna   Sankar    Cisco 
Ken  Yagen     Crosslogix 
Hal  Lockhart  Entegrity 
Carlisle  Adams     Entrust 
Robert    Griffin   Entrust 
Tim  Moses     Entrust 
Don  FlinnHitachi 
Nigel     Edwards   HP 
Joe  Pato HP 
Jason     Rouault   HP 
Marc Chanliau  Netegrity 
Prateek   Mishra    Netegrity 
Jeff Hodges    Oblix 
Charles   Knouse    Oblix 
JahanMorehSigaba 
Kelvin    BeeckTalkingBlocks 
Paul Ashley    Tivoli 
Bob  Blakley   Tivoli 
Heather   Hinton    Tivoli 
Sridhar   Muppidi   Tivoli 
Bob  Morgan    UWashington 
Phillip   Hallam-Baker   Verisign 
Thomas    Hardjono  Verisign 
Jeremy    Epstein   webMethods 
 
Other Attendance (Prospective Members and Observers) 
Simon GodikCrosslogix 
Micah Lerner   AT&T 
Shirley   Kawamoto  Hitachi 
 
New Members 
Don Flinn Hitachi 
 
Removed Members (as of this meeting) 
Brian     Eisenburg DataChannel 
Daniel    Ash  Identrus   
Mark Vandenwauver   Tivoli     
Hans Granqvist Verisign   
Dan  Guainan   Verisign   
Pramod    Pathak    Vordel



> ---
> end
> 
> ------------------------------------------------------------------
> To unsubscribe from this elist send a message with the single word
> "unsubscribe" in the body to: security-services-request@lists.oasis-open.org


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Powered by eList eXpress LLC