
security-services message



Subject: [Updated] Formal Minutes from SSTC F2F#4


[These F2F #4 minutes and supporting docs/presentations are now available in
the "minutes repository", as pointed-to below. ]


=============================================================================
Oasis Security Services TC Face to Face #4 Minutes
=============================================================================
The fourth SSTC Face-to-Face meeting (F2F #4) was held 
27-29 August 2001 in Waltham, MA, USA.


Minutes recorded by Gil Pilz, Gavenraj Sodhi. 
Distilled by Joe Pato. Updated by Jeff Hodges (on 20-Sep-2001)

=============================================================================
These minutes represent the formal decisions taken and actions assigned
during the meeting of 27-29 Aug 2001. This document is available as..

http://www.oasis-open.org/committees/security/minutes/SSTC-F2F-4-Minutes-00.txt

Sections:
	Informal "raw" F2F#4 minutes
	Related F2F #4 documents & presentations
	Notation
	MINUTES

=============================================================================
Informal "raw" F2F#4 minutes are available in the SSTC minutes repository in
these files..

http://www.oasis-open.org/committees/security/minutes/SSTC-F2F-4-Notes-Pilz-2001-08-27.doc
http://www.oasis-open.org/committees/security/minutes/SSTC-F2F-4-Notes-Pilz-2001-08-28.doc
http://www.oasis-open.org/committees/security/minutes/SSTC-F2F-4-Notes-Pilz-2001-08-29.doc

http://www.oasis-open.org/committees/security/minutes/SSTC-F2F-4-Notes-Sodhi-2001-08-27-29.doc

http://www.oasis-open.org/committees/security/minutes/SSTC-F2F-4-Sodhi-BobBDrawing.vsd
http://www.oasis-open.org/committees/security/minutes/SSTC-F2F-4-Sodhi-SAMLDrawing1.vsd
http://www.oasis-open.org/committees/security/minutes/SSTC-F2F-4-Sodhi-Ticket.vsd


=============================================================================
Related F2F #4 documents & presentations...


Bob Blakley F2F #4 Workitems
http://www.oasis-open.org/committees/security/minutes/SSTC-F2F-4-Blakley-Workitems.ppt
Contains these subsections on these topics:
  SAML “SenderVouches” SubjectConfirmation Method: A Proposed Alternative 
    to Bindings 0.5 Proposals
  SAML Trust Models
  Semantics of SAML Subject Information
  Receipt of Currently Invalid Assertions


Shibboleth: How It Relates to SAML (Marlena Erdos)
http://www.oasis-open.org/committees/security/minutes/SSTC-F2F-4-Erdos-ShibbAndSAML.ppt

SAML Conformance Sub-Group Report (Robert Griffin)
http://www.oasis-open.org/committees/security/minutes/SSTC-F2F-4-Griffin-ConformReport.ppt

Security Considerations (Jeff Hodges)
http://www.oasis-open.org/committees/security/minutes/SSTC-F2F-4-Hodges-SecurityConsiderations.ppt

Dynamic Sessions (Hal Lockhart)
http://www.oasis-open.org/committees/security/minutes/SSTC-F2F-4-Lockhart-DynamicSessions.ppt

Extensibility Techniques for SAML Assertions (Eve Maler)
http://www.oasis-open.org/committees/security/minutes/SSTC-F2F-4-Maler-ExtensibilityTechniquesForSAMLAssertions.ppt


Microsoft Presentation on Kerberos/Passport/SAML (Doug Bayer & Paul Leach)

(1.7MB .zip file)
http://www.oasis-open.org/committees/security/minutes/SSTC-F2F-4-MS-Kerberos-Passport-SAML.zip

(2.8MB .ppt file)
http://www.oasis-open.org/committees/security/minutes/SSTC-F2F-4-MS-Kerberos-Passport-SAML.ppt


=============================================================================
Notation...

The following notations are used throughout the MINUTES below:

  - votes are marked: [Vote]

  - agreements without a formal vote are marked: [General Consensus]

  - actions are marked: [Action - <owner>]; if the owner is TC, then
    the action is for all TC members


=============================================================================
MINUTES...


Monday, 27 Aug 2001
-------------------
8:30 -  9:00  Meet and greet; continental breakfast

9:00 -  9:30  Administrative (Joe)

                 Call to order 

                 Roll call - attendance at end of minutes.

 

Quorum was not reached until 9:30 when Irving Reid arrived. Until quorum was
reached, we proceeded with the binding subgroup report as a focus group.
When quorum was reached we completed the approval and review of agenda.

 

                 [VOTE]: Approve minutes of previous meeting - No objections

                 [VOTE]: Review and approve agenda - No objections

 

9:30  - 10:15  Binding Subgroup Report (Prateek) 

               Scope, Binding vs. Profile,
               Process framework for registering bindings,
               Contents of Bindings Report

10:15 - 10:30  Break 


10:30 - 12:00  Binding issues discussion

               Web Browser Profiles for SAML (Prateek)


12:00 - 1:15   Lunch 


1:15  - 3:00   Binding issues discussion (cont.) 

1:15  - 2:00   Shibboleth Flows and Structures (Marlena)

2:00  - 3:00   SOAP Profile for SAML          (Prateek)

3:00  - 3:15   Break

3:15 - 4:30   Continuation of SOAP Profile for SAML

4:30  - 5:30   Kerberos Authentication & SAML & Soap use of SAML

                                    (Doug Bayer & Paul Leach)

6:00  - 7:00   Break for day


7:00  - 9:00   Group Dinner 

 

 

 Tuesday, 28 Aug 2001
 ---------------------

8:30  - 9:00   Continental breakfast

9:00  - 9:30   Administrative (Joe)

                 Review of, and tweaks to, the Agenda for this second day
                 Summary of findings/observations from previous day

 

9:30 - 10:30  SAML / SOAP / Kerberos


[Action - Paul Leach]: Look at current SAML web browser profile and provide
comments for changes, additions.

[ACTION - TC]: a SAML/Kerberos integration discussion group will be created
- send mail to Joe to join it (by 9/14)


Charter for this group:

1)      Web Browser profiles and integration with Kerberos

2)      SOAP Security Architecture model

3)      Trust Model

 

10:30 - 10:45  Break 


10:45  - 12:30   Binding issues (cont.) (Prateek.)

               HTTP Binding for SAML

               SOAP Binding for SAML


[ACTION - Phil]: agreed, the core spec will state that all elements need to
explicitly call out the SAML namespace. Phil to make changes.


[General Consensus]: we need more investigation on the issue of whether we
should register a new SAML MIME type. No owner assigned - defaults to
Prateek.

 

12:30 - 1:30   Lunch

 

1:30  - 2:30   XML Style issues (Eve)

 

[ISSUE - Phil] We need to add an issue that deals with blocking the
substitution of various core SAML elements. [resolved schema core-16]


[General Consensus]:  native elements should have native constructs.
Non-native elements do not get their own elements.


[General Consensus]: every element should be global.

 

2:30 - 4:30  Core Assertions (Phillip)

 

[Action - Hal]: to write scenarios (and / or provide definitions) for how
NameIdentifier is used (e.g., when it is in SubjectConfirmation to identify
an assertion vs. when it is used to represent the assertion referent) 


[Action - Marlena]: to write up use of artifacts for queries


[Action - Irving]: Multiple NameIdentifiers are dangerous - Irving to write
up proposal.


[Action - Marlena]: to write a proposal to create another Web Browser
profile that retrieves an Attribute Assertion rather than an Authentication
Assertion.


[Action - Simon]: write a concrete proposal that outlines the change to the
nature of the authorization query.


[Action - Phil]: Will produce a core-16 that just contains the notional and
twiddles before any major changes to schema and protocols.


[Action - Charles]: To write a concrete proposal that would allow
Authorities to provide helpful info about why certain requests failed. This
would be really helpful during initial deployment when you can't figure out
why things aren't working. This could/should be turned off in production.

 

4:30  - 5:00   "Closed issues" review (Hal)

 

3:00  - 3:15   Break  

 

3:15  - 5:00   Open Issues discussion (Hal)

 

5:30           Break for the day



 Wednesday, 29 Aug 2001
 ----------------------

8:30  - 9:00   Continental breakfast

9:00  - 9:15   Administrative

                 Review of, and tweaks to, the Agenda for this third day
                 Summary of findings/observations from previous day

 

9:15 - 11:15            Issues


[Action - Hal]: to take all the proposed closed issues (green) and send them
out for ratification at the next concall. [Completed 8/31 - ratification
awaiting next concall with quorum]


[Action - TC]: Next two weeks open season on remaining issues. If an issue
does not have a sponsor (a SSTC voting member) by Friday 21 September then
it will be moved to "not addressed in SAML 1.0". Sponsor is responsible for
driving issue to conclusion.


[Action - Gil]: [DS-6-01:Nested Attributes] Not sure how SAML could address
this

 

Issue Champions:


[Action - Tim]: First Contact - will write up what can be done with the
current design.


[Action - Irving]: to investigate and write up WAP limits


[Action - Prateek]: Lookup by artifact: Agreed that he should submit a
detailed proposal to the Core outlining specific changes to specific
sections. Includes new request-response protocol not currently defined in
HTTP binding


[Action - Prateek]: "Security properties of Assertion Handle" (Bob Blakley
to act as reviewer).


[Action - Prateek]: This is an editorial issue about the names of profiles.
Prateek to revise current document.


[Action - Gil]: To make a proposal on the mandatory use of HTTPS


[Action - Jeff]: threat model discussions to be removed from the bindings
doc - but rationale preserved somewhere in SAML documents.


[Action - Don]: Smart client profile - develop a proposal


[Action - Prateek]: Push profile / use case to be dropped from document
(Paul Leach's claim that this would assist SAML/Kerberos integration was
never developed - Paul to present this case if he wishes to re-instate this
profile)


[Action - Hal]: Agrees to create a proposal that indicates why we should
minimize the number of profiles, specifically "Form POST".


[Action - Don]: to elaborate the number of 1-1 relationships and propose how
to fix the resulting scaling issues.


[Action - Hal & Bob B]: Artifacts are bearer instruments, Assertions are not


[Action - Marlena]: SHIB desires 00-02 artifact type (anonymous user &
attribute assertions - non personal identifiable info) core design issue.


[Action - Bob B & Marlena]: <Subject> in Core doc to correspond to Artifact


[Action - Prateek]: Oracle attacks WRT SOAP Profile


[Action - Bob B.]: Return of not current valid assertions to RP (e.g. post
dated)


[Action - Prateek]: Should the Bindings Group select either the HTTP or SOAP
protocol bindings for inclusion in the final spec?


[Action - Prateek]: Should the SOAP binding address the issue of
intermediaries - generate proposal for how

 

10:30 - 10:45  Break


11:15  - 11:45  Sessions (Hal)


11:45 - 12:45   Lunch


12:45 - 1:15  Conformance (Robert)

1:15 - 2:00  Security Considerations (Jeff)

 

[Action - Chris McClaren]: will champion the sec-consider-xx issues and
drive this subprocess.

 

2:00  - 3:00   Review Issues, next steps, administrivia (Joe)

 

[Action - Marlena, Eve, Bob, Hal]: Forward presentation slides

 

2:30 - 3:00   Open Discussion on Versioning

 

[Vote]: SAML will use explicit version attributes rather than rely on XML
Namespaces to contain version info. [No objection]


[Action - Chris]: to write-up versioning strategy and distribute to mailing
list [done Aug 30]

 

3:00           Adjourn


Items deferred from the agenda due to constraints:

  Implementation / Interop discussions (Jeff?)

  xml-DSIG usage by SAML

---
end

