OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Minutes of March 18, SSTC Conference Call

March 18, SSTC Conference Call



1. Roll-Call


15/20 members present; Quorum is achieved.


2. Agenda Bashing


   Rob published Agenda for the conference call on March 17, 2003

   (Archive is currently unavailable --- cannot provide link from this message)


3. Acceptance of minutes from March 4 conference Call.


   Minutes accepted without any objections.


4. Kavi Update


   Transition to Kavi is on-going

   All members must plan to acquire user-name and password from OASIS.

   OASIS will e-mail all current members a link to enable this process.


   Kavi structure is different from earlier model. One issue is that upload of

   documents requires OASIS intervention. This is different from the earlier

   situation wherein chairs/web site maintainers could directly upload documents

   into the archive.


   [Action for Rob] Ensure that Jeff Hodges has appropriate Kavi status to upload

   documents into Kavi.


   Another issue is that only members can post to the main SSTC mailing list. Rob

   proposes a work-around wherein "non-voting" members can continue to e-mail to

   the list.




Voting on AI-36:(message re-sent by Prateek on March 18 AM)


   Item 2. Further discussion from Eve Maler, January 7, 2003 received 

   on the topic. As archives are not accessible, Eve will re-forward message

   and discussion resumes during the call.



   Jeff: this is orthogonal to the versioning discussion, right?

   Scott: does not prejudice versioning discussion in any way.


   Rob: calls for vote, accepted without objection.



   Item 3. Status of this item is pending, NOT ready for vote. Should be resolved

   after schema change discussion (driven by Scott) concludes.


   Item 4. Status of this item is pending, NOT ready for vote. Should be resolved

   after schema change discussion (driven by Scott) concludes.




Discussion on "Visit Destination Site First, Flows" . Scott has produced draft

with proposed schema change (changes to core) and changes to binding. Not much

comment has been received.


Prateek: is it appropriate to move to a vote right now?


Scott: suggest we separate discussion and voting of

(a) high-level agreement on functionality (b) exact details of specification changes.

We are not ready to discuss the latter but we should discuss and resolve high-level functionality

and vote on it.


Motion: SSTC instructs Jahan, Scott, PrateeK to complete "Visit Destination Site First Flow"

definition. TC's intent is to include this flow in SAML 1.1


Motion accepted without objections.




Discussion on Carlisle Adam's Credential Collector Proposal.


Has been available on the list for the past week; only one comment received from Slava Kavsan.


Carlisle presents an overview of the proposal; notes dependence on WS-Trust (this is noted

in his proposal).


Discussion around availability of WS-Trust within some standards body. Maryann Hondo to ping

WS-Trust group to investigate this type of availability.


Hal/Jeff H: Is it going to make CBValue/CBReference use of WS-Trust??


Question to WS-Trust authors:


(0) SSTC is interested in using portions of WS-Trust specification.


(1) Clarify their intent on submission to standards body and relevant time frame


(2) Will the WS-Trust specification be submitted to a standards body within the next three months


(3) Alternatively, would WS-Trust authors consider releasing WS-Trust specification (appropriate

waiver of copyright) to the SSTC to build a derivative work.



[ACTION to Carlisle] Formulate appropriate language for WS-Trust folks on SSTC mailing list.

Maryann to ping WS-Trust authors.


[ACTION to SSTC] comment on Carlisle draft before next call.






Scott: CUrrent position summarized in March 5, 2003 message titled "Clearer Draft of

Versioning Proposals". Core question: adding attributes will break forward compatibility.

In other words, a SAML 1.0 processor cannot automatically process SAML 1.1 materials. It

would be unable to validate.


Other changes, such as adding a few new types etc. has a different impact. A SAML 1.0 processor

would not be expected to understand these new objects. However, adding attributes has a different

character because 1.1 versions of 1.0 objects will not validate in the 1.0 context.


How important is forward compatibility to the SSTC? Is it something we want to preserve?


Motion: High-level agreement on inclusion of ID attributes in SAML 1.1.


[ACTION: We will vote on this on March April 1, 2003]

[ACTION: Prateek to write note to saml-dev describing this proposal]


#011, #03:


#011 is closed, roll into #03.

[ACTION: Scott to propose text changes to the Versioning section of the Core document]




Closed for SAML 1,1. Add to SAML 2.0 list.



Remains open.





















DISCUSSION of meeting frequency. Eve, Rob ., note that we are moving v. slowly on finishing

up SAML 1.1 draft. Suggestion that we should go to a once-a-week meeting format.




SSTC chairs propose that weekly meetings from March 25, 2003. The length of time would be

reduced to 1.5 hours. ACTION for Rob to publish on the list.




Eve will be out in May. Suggests we try to make progress in April. Scott may be available

in May to act as an Editor.






SAML 2.0/SAML 1.1 refactoring of bindings and profiles. Split into several pieces with

documents like (1) General considerations for bindings and profiles (2) individual profiles

(3) individual bindings.


 Discussion suggests that this topic be deferred till SAML 2.0





Eve: How will we identify the contributors to SAML 1.1?

    Discussion: add contributors to existing SAML 1.0 list.



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]