OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: [security-services] Minutes of SSTC/focus 15-Jan-2002 teleconference

Minutes of SSTC/focus 15-Jan-2002 teleconference

> Attendance - call to order

did not reach quorum. 17 necessary, had 15. 

Proceed as focus group meeting. 

> Approval of Minutes for 9 Jan Meeting
> <
> http://lists.oasis-open.org/archives/security-services/200201/msg00076.html
> >

no quorum, so did not vote. 

> Critical Issues needing vote:
>         - none prior to meeting. Any issues needing vote should be proposed
> at this time

None proposed/raised.

> Document Discussions:
> == Issues List Document

Hal said it will be sent out today. There's some 20-odd new issues. 

Hal will separately send a report (likely tomorrow) that identifies all the
issues that are closed, and those that are deferred beyond SAML 1.0.

> == Security Considerations

Chris solicits thorough review.
Irving indicates that he has comments he will try to produce this week. 

Scott notes that he brought up replay attacks in a thread on the list.

Hal notes Scott's thread and will ensure it's in the issues list.

> == Conformance

Prateek has question on the list wrt this doc. Is wondering about the fine
granularity of conformance. 

Phill sees this as a good/necessary thing because some companies will just impl
prod/consume of Authn assns, say. 
 parties that are generating authn assns will likely be differemt than those 
 who consume them. Thus need methodology for both producers and consumers to 
 assess conformance. 

[further detailed discussions on conformance doc held for after the published

> == Bindings Doc

scott: soap 1.1 spec we're binding to is written wrt an older version of xml
schema. looking at how xml namespaces are handled in soap impls. there's a
possibility of namespace collisions. will send note to the list. (impl

> == Core Doc

phill: need to change attr value type from "seq of any" to "any".
chris: chris nominally agrees, seems it's just a schema error

phill: this is the [A15 & 23: Chris] item. 

> == Glossary

no comments.

> Action Tracking
> 4 -- Review status of action items - and move to resolution
> [A5: BobB] - Section 4.1.3 472-473, text to clarify construction of
> ID (w.r.t. uniqueness)
> - Joe has contacted Bob - but still open

still open.

> [A15 & 23: Chris] - Write up advice on how to use current approach to
> generic slots for attributes
> Still not in. This is the problem with removing attribute value type. Bob,
> Chris and Phill have caucused and sent interim resolution to mailing list.
> <
> http://lists.oasis-open.org/archives/security-services/200201/msg00057.html
> >
> Phill suggests revisiting during last-call.

[see above discussion of core doc]

[still open]

See thread rooted here..

  A15 & A23: Attribute Values

> >
> > [A22: Irving] - core line 752, return code for completeness specifier:
> >
> mooted by Element <Status> (line 1222) of core-24

irving thinks closed, will review core-25. hold open for tracking purposes. 

[still open]

held over discussion items

conformance doc dicussion
 prateek will continue the thread on the list

 rlbob: issue will be more about how pieces of saml are incorpd in other
  (e.g. shibb). shibb will say "in order to conform to us, you will need to use
  chunks x, y, z of saml", so saml conform stuff should support this. 

RLBob -- will query about OASIS URN-based identifiers
 schema identifiers, algorithm identifiers, etc -- use the OASIS namespace? 

NEW ACTION: RLBob -- work with oasis folk to determine use of OASIS

RFC3121 "A URN Namespace for OASIS"
Abstract: This document describes a URN (Uniform Resource Name) namespace that
is engineered by the Organization for the Advancement of Structured Information
Standards (OASIS) for naming persistent resources published by OASIS (such as
OASIS Standards, XML (Extensible Markup Language) Document Type Definitions,
XML Schemas, Namespaces, Stylesheets, and other documents).


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC