OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: [security-services] FW: Current Status

Title: Message
F or the record, this is the message that should have gone out before 

a] MAY NOT ???  I don't think that is legal, MUST NOT or SHOULD NOT are acceptable.
0)  Have fixed the Schema location for the XML Signature schema to point to the W3C site.
 1) Have fixed the problem with the references which was caused by interaction with change bars so this change is not change bar logged



Changes from 19th March Telcon.


2) DS-14-20: Reorder Conditions Contents

        - motion to make change as proposed in ELM-5, with friendly amendment that TargetRestrictionCondition has already been removed




3) SSO Confirmation
        - Jeff's response msg:


            Done : I assume that the whole section was to go 


4) [ACTION ITEM] Phill to make change from AuthenticationLocality
  to SubjectLocality 


 Changes from 26th March Telcon.

5) [RLBob] InResponseTo optional
        proposed text change to core-28 to list - included in spec (Phill?)



6) New Issue: Should Queries contain a full Subject?


After the end of the sentence on line 1279, insert a new paragraph:

Note: The AuthenticationQuery MAY NOT be used as a request for a new authentication using credentials provided in the request. The AuthenticationQuery is a request for statements about authentication acts which have occured in a previous interaction between the indicated principal and the Authentication Authority.


            ISSUE. MAY NOT is not a defined term, MUST NOT appears more appropriate

 Resolution: We will include text to characterize the general threat described under part 3 of Hal's message. An additional error sub-status code "Request Denied" and the conditions under which it is to be used described. No change to schema for subject in query.

Prateek will write this text and Rob P. will review. This text will be added to the core document. Motion passes.



7) [Hal] [security-services] New (minor) Issue: AuthNMethod, not ConfirmationMethod in AuthNQu ery


[Minutes] Friendly amendment from Rob --- instruction to the editor -- text beginning at "first,... and
further, etc..." should be split up into bullets so the processing steps are obvious. 

              Done: It was not immediately apparent to me if the text The <Subject>... should be deleted, please advise

8) [Hal] Text for "All Assertions"

http://lists.oasis-open.org/archives/security-services/200203/msg00138.html - agreed? applied?

lines 1317 & 1318 change the sentence to read:

If no attributes are specified, it indicates that all attributes allowed by policy are requested.


 9) [Scott] Core changes for ISSUE DS-14-19

http://lists.oasis-open.org/archives/security-services/200203/msg00143.html -


 10) [Emily] Minor error in core 28



11) [Scott] Core changes for ISSUE DS-4-13

Use amended text from:



12) [Scott] Approved changes/cleanup for Status/StatusCode/etc.



13) [Hal] Base64 in core and bindings


             Done : Note that Hal's message talks about considering more extensive changes. I added a sentence to point to the Base64 reference. 

14) [Rob P] Comments on core-28

http://lists.oasis-open.org/archives/security-services/200203/msg00161.html - editorial, applied?


             Done, 1,2,3, 5, 7, 8,9,10  

4) change line 352 to start: "currently being defined"  

6) replace application by terms a SAML requestor, SAML responder, where appropriate

http://lists.oasis-open.org/archives/security-services/200203/msg00163.html - editorial

              Done  [kinda / sorta] had to use authority in most cases.

 15) [Rob P] Issue/editorial comment: Description of<Condition> processing in core-28

http://lists.oasis-open.org/archives/security-services/200203/msg00162.html - agreed? applied?

              Done: I added back a bit of the merged text to make absolutely sure that it was clear that extension conditions cause processing to fail. I also changed the font back to normal from courier and used bold to represent the status results.
 16)  RL Bob's URN message to be applied to core and bindings.







[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC