[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [security-services] Minutes for Focus Group, Tuesday Nov 06
Agenda - OASIS SSTC Focus Group - Tuesday Nov 6
Dial in info: +1 334 262 0740 #856956
Attendees:
Joe P
Carlisle A
Prateek M
Chris M
Scott C
Jeff B
Gil P
Steve A
Jason R
Darren P
Hal L
Thomas H
Don F
Irving R
No Prior Agenda
Items left over from last call
Solicit items
Firm up F2F agenda
- Prateek: 1 issue carried forward: Sec props of assertion handles
- Says it’s now closed
- Prateek: concerning F2F, as bindings doc comes together, wants to
discuss interrelationship with core
- Sounds like it needs coverage during F2F
- Don: How will one do verification of signature, e.g. on attrib
assertion
- Prateek: why is this an interop question? Why do we care?
- Why go back to authority at all? Dig Signed doc, just need root
cert
- Don: don’t have that
- Hal: have to start with something, or you couldn’t trust
authority
either
- Gil: XKMS can solve this
- RLBob: had similar issues in Shib, opted to leave in realm of PKI
- Consensus is that this is out of scope
F2F
- Day 1 is Bindings
- Bindings doc is due out tomorrow
- Prateek: might slip one day
- Will also deal with XMLDsig
- Day 2 will start a little late due to XKMS call (All are invited to
XKMS
call)
- will cover Core doc
- reconciliation issues with bindings doc
- security considerations (1 hr)
- interop testing
- Irving’s multiple name identifier issue
- Joe: thought this was closed (Irving not on call yet)
- will verify
- Brief discussion on IPR
- When published to OASIS, will need documentation on this
- Not expecting to reach final wording at F2F, but want to get
good discussion
- Leaves ~2 hrs for reconciliation
- Prateek: that sounds sufficient
- Final agenda will go out today
- F2F will start at 9 on Tue and 9:30 on Wed
- XKMS call starts at 8 on Wed
- Expected outcome from F2F is a something very close to draft spec
- Intent is to release it out of committee 1 Mar
- Prateek: thinks we can achieve that
- Remaining tasks involve wording, normative vs. example text
Scott: Minor issue from shib call
- Had issue where an attrib authority is collecting attribs from many
different sources, and one is not available during a given call
- What to do?
- Shib decided not to specify behavior
- In SAML, what is intention of completeness specifier
- RLBob: recalls that this was, in fact, intended to address problem
where attrib authority cannot return all attrs for whatever
reason,
security or otherwise
- Prateek: agrees, flag tells AA to give any available or to fail
if
all can’t be returned
- Scott: sounds like language in spec is too strict
- Irving: do you send back a success code with no assertions or a
failure code? text not clear
- RLBob: seems to be great uncertainty,
- Scott: suggests this get raised at F2F
Scott: another fault code idea from SOAP
- Suggestion to revise dot codes and replace with nested XML
- Will forward to list
Adjourned
--
Steve Anderson
OpenNetwork Technologies
sanderson@opennetwork.com
727-561-9500 x241
begin:vcard n:Anderson;Steve tel;fax:727-561-0303 tel;work:727-561-9500 x241 x-mozilla-html:FALSE url:www.opennetwork.com org:OpenNetwork Technologies version:2.1 email;internet:sanderson@opennetwork.com title:Product Architect adr;quoted-printable:;;13577 Feather Sound Drive=0D=0ASuite 330;Clearwater;Florida;33762;USA x-mozilla-cpt:;-15216 fn:Steve Anderson end:vcard
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC