Subject: [security-services] Minutes for Telecon, Tuesday 20 August 2002

Minutes for SSTC Telecon, Tuesday 20 August 2002
Dial in info: +1 334 262 0740 #856956
Minutes taken by Steve Anderson

> Agenda:
> 1. Roll call

- Attendance attached to bottom of these minutes
- Quorum achieved

> 2. Approve minutes for:
>    6 August meeting
>        < http://lists.oasis-open.org/archives/security-services/
>          200208/msg00004.html >
>    23 July Meeting: 
>        < http://lists.oasis-open.org/archives/security-services/
>          200207/msg00031.html >
>    9 July Meeting 
>        < http://lists.oasis-open.org/archives/security-services/
>          200207/msg00011.html >
>    25 June Meeting: 
>        < http://lists.oasis-open.org/archives/security-services/
>          200207/msg00007.html >

- [VOTE] no objections, approved

> 3. SAML ng (next generation) todo list prioritization
>    < http://lists.oasis-open.org/archives/security-services/
>      200208/msg00010.html >

- Jeff: more categorized than prioritized
 - identifies obtainable items over next 3-6 months
 - may want to leverage Liberty group for some longer-term items
- Eve: one of reasons for SAML 1.1 idea is that SAML 1.0 won't complete
  OASIS approval until end of Nov, so introducing significant feature
  change might be unseemly
- Jeff: as example of near-term bug fixes, there are issues in XMLDSig 
  that implementors are encountering that we can firm up
- Jeff walks through list in email
 - Group [A]
  - re: profiles vs. extensions, XACML is an example of a profile,
    in that it doesn't introduce changes to the SAML schema, where
    Liberty did, in fact, create schema extensions
- Stops for consensus around this breakdown of tasks
 - Hal: SAML 1.1/2.0 distinction is a good idea
 - Prateek: agrees, thinks 1.1 is still a substantial piece of work
 - Prateek: regarding Liberty, will we incorporate all of Liberty's 
  - Eve: we will have to refine our scope to determine our 
    relationships with other specs
  - also need to revisit our charter
- Jeff: are there any items in group [B] that people feel should be
  moved to group [A]?
 - Prateek: may come up with some later after further review
 - Eve: in reverse direction, we should "dare to do less"
- Jeff: for group [B], there are too many to take on, so we will have 
  to make decisions based on customer needs
 - Hal: seems that 2 items are duplicates
  - credential collector
  - pass through authentication
 - Jeff: not productive to sift through all of group [B] now
- Jeff: group [C]
 - item 1 relates to XACML work
 - do the XACML folks want to codify a SAML profile and have it
   registered with this TC?
 - Hal: XACML has taken idea of allowing use of SAML, but not 
   mandating it
  - so don't know if there will be a need for this registration
  - XACML still considering proposing an enhanced AuthZDecisionReq
 - left open
- Jeff: group [D]
 - Liberty's AuthN Context is clearly orthogonal, but still of
   interest to this TC -- and others
 - may just want to shepherd this to a suitable home
 - Hal: only bad scenario is if SSTC and Liberty _both_ modify it
 - some fuzziness around appropriateness of group [D]
- Jeff: is there anything else useful to do on this on today's call?
 - Hal: are there items in group [B] that people feel are urgent?
  - Hal: example of encryption, which is usually mentioned in same
    breath as signature
  - Scott: sees need for richer SSO semantics, but could live with
    waiting for group [B]
  - Steve: credential collector, in some form, would be useful
    sooner rather than later
  - Hal: good, looking forward to comments on his paper

> 4. Other Business

- Hal: last week, posted note relating to XACML/RLTC
 - realized significant overlap in agenda between these two groups
 - sees danger in same work going on in two places
 - not posing solution, just wants people to care about this issue
 - Joe: is this on agenda for SJC?
 - Hal: not optimistic that much can be done in that venue
 - Carlisle: was also surprised to see recent RLTC material 
   indicating overlap
 - Carlisle: shares Hal's pessimism wrt SJC
 - Hal: OASIS seems perfectly fine with duplicate work, leaving 
   "survival of the fittest" dynamics to work
 - Hal: believes that an inferior standard is preferable to 
   duplicate standards
- Eve: status report on WS-Sec Profile
 - getting minor edits now
 - will be sent to Prateek by tomorrow am
 - Prateek: will make a couple additions and then publish

> 5. Adjourn

- Adjourned


Attendance of Voting Members:

  Allen Rogers Authentica
  Irving Reid Baltimore
  Mingde Xu CrossLogix
  Hal Lockhart Entegrity
  Carlisle Adams Entrust
  Don Flinn Hitachi
  Joe Pato HP
  Jason Rouault HP
  Prateek Mishra Netegrity
  Steve Anderson OpenNetwork
  Jahan Moreh Sigaba
  Bhavna Bhatnagar Sun
  Jeff Hodges Sun
  Eve Maler Sun
  Aravindan Ranganathan Sun
  Bob Morgan UWashington
  Simon Godik (individual)

Attendance of Observers or Prospective Members:

  Scott Cantor OSU

