[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [security-services] Minutes for Telecon, Tuesday 9 April 2002
Minutes for SSTC Telecon, Tuesday 9 April 2002
Dial in info: +1 334 262 0740 #856956
Minutes taken by Steve Anderson
>
> Our intent for today is to see if we are satisfied with core-31 and
> bindings-model-14 as committee specifications.
>
>
> 1. Roll call
>
- Attendance attached to bottom of these minutes
- Quorum achieved
- [ACTION ITEM] Steve to send membership to the mail list for use in
acknowledgement section of doc after vote confirming docs as committee
spec
>
> 2. Issue Status Report - Hal
>
- Hal: Comments on new issues list
- status list is generally uninteresting, lacking red issues
- have been requests for more identifiers for authN methods, but
didn't track as issues
- Hal in favor of making process of getting identifiers for this
purpose as easy as possible
- Jeff moves to follow Hal's recommendation in issue status (-06) report,
closing and deferring as noted in that doc
- [VOTE] no opposition, passes
>
> 3. Are we ready to vote on committee specifications?
>
> Possible states:
>
> 3.a We need more time to absorb the latest documents and look for
> minor details - postpone voting on committee specification for
> a week.
>
> 3.b We are satisfied with the document, but there are the few last
> issues outlined on the mailing list to be dealt with:
> 3.b.1 bindings-model-14 section numbering (word problem)
> 3.b.2 bindings-model-14 confirmation methods explanatory intro
> text (final wording)
> 3.b.3 core-31 -- StatusMessage - schema bounds change & prose
> explanation
> 3.b.k issues outlined in 2 above or otherwise appearing on
> list
>
> If we resolve these issues, then close the documents for new
> issues and vote on committee specification maturity level
> (assuming inclusion of text) and hold confirmation vote next
> week once we've seen the text
>
> 3.c We are satisfied with the documents, and we do not want any
> additional changes - vote on committee specification maturity
> level now.
>
- Joe: Open to other possible states than these
- Jeff: connotation to (3.a) is there could be changes to schema or
prose, and door is generally wide open
- Krisha: are all issues resolved?
- Joe: there have been a few issues raised in last 2 days, captured in
(3.b), but besides that, all are resolved
- Jeff: (3.b.3) is done with, by virtue of vote on issues status doc
- Hal: what is accepted procedure for correcting typos, etc, after vote?
- Jeff: connotation for (3.b) is that door is closed to schema and
semantic changes, etc, but still open for editorial issues, grammar,
language, etc.
- Joe: seeking support for any of these options
- larger sentiment toward (3.b) to start bringing closure
- [VOTE] for (3.b)
- 3.b.1
- [ACTION] Prateek to investigate Word mechanical document issues
- 3.b.2
- Jeff: just sent refinements to Prateek for Conf Methods
- Prateek: fine with that, just down to language, not semantics
- Hal: example had been dropped in his latter posting on the
thread, because in became out of sync
- Motion to accept this change as in Jeff's msg
< http://lists.oasis-open.org/archives/security-services/
200204/msg00076.html >
- [VOTE] no opposition, passes
- 3.b.3
- done
- 3.b.k
- Hal: mentioned 2 things in his status, acknowledgements and authN
method identifiers
- Jeff sent msg on acknowledgements this morning
< http://lists.oasis-open.org/archives/security-services/
200204/msg00071.html >
- exact form of acknowledgements is TBD
- Eve: available to normalize format with editors
- intent is to ensure people's contributions are acknowledged
- Hal: authN methods issues started with Rob's request for an
identifier for SecurID
- wants to make mechanism for obtaining these easy
- willing to make distinction between those endorsed by TC
and those that are just established by third party
- Phill: the tricky bit is when two are very similar and you
want a common ID
- Hal: commented that one org many see two as the same, but
another org may see them as different, so leave it as a
deployment-time configuration
- Phill: question for today is whether we are going to add an
ID for general 2 factor authN methods
- Rob: wants something like X509, where X509 was established
in general, and more specificity can be added
- Jeff: schema doesn't provide that now
- Prateek: concerned over public registry of these identifiers
- Joe: can take that up as next work item
- Rob: needs a value now to use for their SecurID
- Hal: had been distinction between authN methods associated
with standards and those that are proprietary
- Rob: refers to RFC280, SecurID SASL spec
- Phill: suggests taking authN methods and putting them in
separate doc
- Joe: prefers a future document supercede definition of authN
methods in current spec, rather than putting forward reference
in current spec to a document that doesn't yet exist
- If an RSA-specific value goes in now, other vendors are ...
- Phill: moves adding value "HardwareToken", which will be given
its own section, where it will be cast into a SAML URN
congruent with our other authN method URNs, with explanatory
text of "authentication was performed by means of an
unspecified hardware token."
- [VOTE] no opposition, passes
- Jeff: forwared comments by Bhavna, and responded to them
< http://lists.oasis-open.org/archives/security-services/
200204/msg00072.html >
- these are non-normative, editorial fixes
- Hal: only one seems controversial, re: line 464
- Prateek: verifies Jeff's responses, will correct
- Joe: any objections?
- none
- Jeff: Bhavna also had comments on core-31
- Phill: will make changes as noted by Bhavna, and amended by
Jeff
- Jeff: there was one other change that he hasn't sent
- core-31, lines 724-727
- Phill retained the old explanatory text
- we superceded that text with text matching 1658-1660
- should omit words "committee approved"
- editorial change only
- no objections
- Jeff will send text to list [sent right after telecon]
< http://lists.oasis-open.org/archives/security-services/
200204/msg00077.html >
- Joe: believes we have achieved successful resolution of the issues
- motion to close the documents and bring to committee spec level
- [VOTE] no opposition, **SPECIFICATION CLOSED**!!
- [WOO-HOO!]
>
> 4. Set next meeting date
>
- Joe: would like to schedule meeting for next Tues, just to confirm
editorial changes we just discussed are effected
- after that, final rendering will be all that is left
- next activity is to outline next tasks, now that 1.0 is done
- Joe: would we like a breather, off a week, and reconvene 30 April?
- would be an organizational meeting, to prioritize deferred items, etc
- Prateek will begin discussion of SOAP profile
- need discussion of ID repository
- Eve: will cancel conf bridge on 23 April (since it costs $)
- Jeff: notice that we need new web site maintainer
- Hal: need to discuss issue tracking, numbering
- Jeff: thanks to all for hard work over last +year
>
> 5. Adjourn
>
- Adjourned
-----------------------------------------------------------------------
Attendance of Voting Members:
Allen Rogers Authentica
Irving Reid Baltimore
Krishna Sankar Cisco
Hal Lockhart Entegrity
Carlisle Adams Entrust
Don Flinn Hitachi
Joe Pato HP
Chris McLaren Netegrity
Prateek Mishra Netegrity
Charles Knouse Oblix
Steve Anderson OpenNetwork
Rob Philpott RSA Security
Jahan Moreh Sigaba
Bhavna Bhatnagar Sun
Jeff Hodges Sun
Eve Maler Sun
Aravindan Ranganathan Sun
Emily Xu Sun
Phillip Hallam-Baker Verisign
Attendance of Observers or Prospective Members:
Scott Cantor OSU
Thomas Hardjono Verisign
Robert Griffin Entrust
Membership Status Changes:
none
--
Steve
Attachment:
sanderson.vcf
Description: Card for Steve Anderson
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC