- Agenda bashing
- Approval of minutes from Tue, Jan 7
- Review (and approve?) V1.1 work items
- Action Item review
- Any other business
- V1.1 Work Items (see http://lists.oasis-open.org/archives/security-services/200208/msg00010.html)
- Bugs that are backwards-compatible
(targeted to 1.1)
- Functionality that's backwards-compatible/orthogonal
- The list as a whole can be completed in
- Any decision that needs to be made in
the short term
The below items are in no
particular order [A.* numbering taken from original list]:
[A.1] Metadata for formalizing
operational agreements between sites.
See AI-27 below.
[A.2] WS-Security profile
(, possibly to go to WSS TC)
[A-3] Figure out versioning
of modularly published profile and binding specs
See AI-19 below and separate
mail sent to list last night.
[A-4] Sharpen conformance
language around the notions of profiles vs. extensions
See AI-6 below
[A-5] Express that an
assertion should not be cached
[A-6] Fix fragment
identifier gaffe 
Approved proposal on this.
Needs to be incorp'd in
[A-7] Standardize issuer
See AI-25 below.
Original request came from
[A-8] Fix xmldsig issues
(might turn out to be a V2.0 item)
For 1.1, Scott's dsig doc to
become a non-normative component of the spec set.
Doc needs careful review
& update as necessary.
Need to vote on finalized
wording and adding additional doc to spec set
Also see AI-18.
Additional Proposed V1.1
[A-9] Fix items from the
Errata List (see AI-29)
[A-10] XML Encrypotion analysis
[A-11] Mike Just's
Credential Collector Proposal (see AI-26)
Original mail: http://lists.oasis-open.org/archives/security-services/200209/msg00007.html
4. Action Items carried over from previous
- AI-6. Jeff to determine
if conformance language around the notions of profiles vs. extensions is
really an issue
- AI-12. Prateek to draft
analysis of use of XML Encryption in SAML
- AI-15. Editor (Eve) to
update documents with Eve's fragment ID recommendations
- AI-18. Irving to consult w/ Merlin
Hughes on current XMLDSig issues
- AI-19. RobP will go
back and look in issues list and see what he can come up with wrt item
[A.3] in the SAML v1.1 to-do list.
- AI-20. Eve to update
specs to 1.0
- AI-25. Eve to respond
to Hal's IssuerName proposal with an attribute-based & an
- AI-26. Carlisle
to update Mike Just's credentials collection proposal
- AI-27. Prateek to rev
draft-sstc-meta-data-00 and add in schema.
- AI-28. RobP to have
RSAS convey a new "statement of licensing intent" to the SSTC
that documents the additional two claimed applicable patents in addition
to the prior two.
- AI-29. Jahan to start
and own Errata list for current specs
- AI-30. Scott to produce
use case document for destination site first flow using Web Browser
Profiles (Target late January)
- AI-31. Jeff to send
email to list on his interpretation of IPR issues surrounding using Liberty material
- AI-32. Rob will draft a
usecase for an Attribute Authority, to be examined by the TC for profiling
- AI-33. Eve to update
the charter based on discussion
- AI-34. Rob will pull
single list of v1.1 To Do items
RSA Security Inc.
The Most Trusted Name in e-Security