OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: [security-services] Agenda for con-call, 12 noon Eastern Time (US),February 4, 2003

Agenda for Tuesday, February 4, 2003

Call-in Numbers:

+1 334 262 0740

code: 856956

Courtesy: SUN microsystems


1. Agenda bashing

2. Acceptance of minutes from January 21 Con Call


3. Review (and approve?) V1.1 work items

4. Action Item review

5. Any other business

6. Adjourn


3. Propopsed SAML 1.1 work items

Acceptance Criteria:

  • Bugs that are backwards-compatible (targeted to 1.1)
  • Functionality that's backwards-compatible/orthogonal and high-priority
  • The list as a whole can be completed in 3-6 months
  • Any decision that needs to be made in the short term
  • The below items are in no particular order [A.* numbering taken from original list]:

    + [A.1] Metadata for formalizing operational agreements between sites.

    1. See also AI-27 below.

    01 draft and response to reviewers comments published in




    + [A.2] WS-Security profile ([3], possibly to go to WSS TC)

    1. Closed.

    + [A-3] Figure out versioning of modularly published profile and binding specs

    1. See AI-19 below

    + [A-4] Sharpen conformance language around the notions of profiles vs. extensions

    1. See AI-6 below

    + [A-5] Express that an assertion should not be cached

    1. Hal Lockhart's proposal: http://lists.oasis-open.org/archives/security-services/200211/msg00011.html

    + [A-6] Fix fragment identifier gaffe [4]

    1. Approved proposal on this.

    2. Needs to be incorp'd in specs.

    3. See AI-15.

    + [A-7] Standardize issuer name formats

    1. See AI-25 below.

    2. Original request came from XACML: http://lists.oasis-open.org/archives/security-services/200211/msg00012.html

    + [A-8] Fix xmldsig issues

    1. For 1.1, Scott's dsig doc to become a non-normative component of the spec set.


    2. Also see AI-18.

    Additional Proposed V1.1 Work Items:

    + [A-9] Fix items from the Errata List (see AI-29)

    Jahan has published new version capturing errors to date


    + Additional web browser flows as suggested by interop and Shib experiences

    Scott has published use-cases describing the proposed new flows extending

    the SAML 1.0 web browser profiles


    + Review SAML error model; message from Carlisle


    + Are there additional work items? We plan to VOTE and CLOSE the SAML v1.1 list on

    February 17, 2003.

    4. List of Action Items


    . Action Items carried over from previous conference call:

    AI-6. Jeff to determine if conformance language around the notions of profiles vs. extensions is really an issue

    AI-12. Prateek to draft analysis of use of XML Encryption in SAML

    no champion, deferred to SAML 2.0

    AI-15. Editor (Eve) to update documents with Eve's fragment ID recommendations

    AI-18. Irving to consult w/ Merlin Hughes on current XMLDSig issues

    AI-19. RobP will go back and look in issues list and see what he can come up with wrt item [A.3] in the SAML v1.1 to-do list.


    AI-20. Eve to update specs to 1.0

    AI-25. Eve to respond to Hal's IssuerName proposal with an attribute-based & an element-based solution

    AI-26. Carlisle to update Mike Just's credentials collection proposal

    carlisle is owner but deferred to SAML 2.0

    AI-27. Prateek to rev draft-sstc-meta-data-00 and add in schema.


    AI-28. RobP to have RSAS convey a new "statement of licensing intent" to the SSTC that documents the additional two claimed applicable patents in addition to the prior two.

    AI-29. Jahan to start and own Errata list for current specs


    AI-30. Scott to produce use case document for destination site first flow using Web Browser Profiles (Target late January)


    AI-31. Jeff to send email to list on his interpretation of IPR issues surrounding using Liberty material

    AI-32. Rob will draft a usecase for an Attribute Authority, to be examined by the TC for profiling

    AI-33. Eve to update the charter based on discussion


    5. Any other business?


    [Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

    Powered by eList eXpress LLC