[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Minutes for Telecon, Tuesday 06 May 2003
Minutes for SSTC Telecon, Tuesday 06 May 2003
Dial in info: +1 865 673 3239 #238-3466
Minutes taken by Steve Anderson
======================================================================
Summary
======================================================================
Votes:
- Minutes from 29 April 2003 call accepted
Previous Action Items Still Open:
- AI-0004: Propose WSDL for Meta-data
- AI-0013: Request use of WS-Trust for CC Proposal
- AI-0033: Generative non-normative "Differences between SAML 1.1
and SAML 1.0" document
- AI-0038: Continue developing Metadata specs
- AI-0034: Correct document use of xsd:ID
New Action Items:
- (none)
======================================================================
Raw Notes
======================================================================
>
> Agenda:
>
> 1. Roll call
>
- Attendance attached to bottom of these minutes
- Quorum achieved
>
> 2. Accept minutes from previous meeting, 29 April
> < http://lists.oasis-open.org/archives/security-services/
> 200304/msg00209.html >
>
- [VOTE] unanimous consent, accepted
>
> 3. Kavi Proposal:
>
> Rob has suggested that notification to users every time a document
> is posted to Kavi be turned off by default. Users should be
> notified only for selected document updates.
>
- Rob: if we're doing large numbers of updates, just send one manual
email notice
- Steve: all for this
- Rob: there's no way to change the default, so just have to make
this a matter of procedure
>
> 4. Last call notice has gone out Saturday, May 3, 2003
>
> < http://lists.oasis-open.org/archives/security-services/
> 200305/msg00067.html >
>
> Stays within guidelines proposed in (updates
> < http://lists.oasis-open.org/archives/security-services/
> 200304/msg00133.html >) with the exception that last call ends
> on May 15.
>
- Rob: actually ends Friday 16 May
- Original timeline had the cut-off on 13 May, which would have limited
the comments, but we're still shooting for a Candidate Spec 20 May
>
> 5. Open Action-Items
>
> AI-0004
> Propose WSDL for Meta-data
> Prateek Mishra
>
- Prateek: has not had a chance to catch up with Jahan's metadata
proposal
- stays open
>
> AI-0013
> Request use of WS-Trust for CC Proposal
> Maryann Hondo
>
- not on call
- Rob: can provide update
- there was a call between number of authors last week
- VeriSign, RSA, IBM, but no MS folks
- one clarification needed from TC: are we asking them to submit
specifically as a reference doc or for future derivative works
by the TC
- believes we only wanted it as a reference doc
- Hal: not sure he sees the distinction in practice
- Irving: do we want to base work on it or do we want to take over
furthering that document
- Rob: because MS wasn't on call, couldn't reach conclusion on
timeframe for submitting to a standards body
- feeling was that July may not be feasible
- it is moving forward, however
- Carlisle: trouble is that we're stuck until we get an answer
- Jeff: we're not guaranteed to use WS-Trust anyway
- Carlisle: what if we extend our request to Aug/Sept?
- Hal: would that delay 2.0?
- not necessarily
- Jeff: we can explore other alternatives, including inventing our
own, and if they get their act together, great
- Carlisle: can Rob give any timeline indication?
- Rob: gets feeling of strong desire to get it in an org in the Fall
- Carlisle: can we wait that long?
- Jeff: thinks so
- Steve: is a commitment from the WS-Trust authors to bring it to
a standards body sufficient for us to continue working against
it, or is it necessary to wait for the actual submission?
- Jeff: can do some work based on commitment, but would prefer to
hedge until it actually happens
- Carlisle: having it submitted to an org is the beginning of that
process, and the doc will change
- Steve: that's true of any referenced standard
- [discussion of 'by value' vs. 'by reference']
- Irving: reluctant to head down 'derivative' route
- Carlisle: what do we think is best course of action
- Jeff: the welcome mat is out to bring the spec to this TC
- Steve: didn't recall it that way
- Carlisle: seems extremely unlikely this spec would be ratified
by a standards body by end of year
- Steve: can we not reference an input draft to another group?
- Jeff: wouldn't be good
- Rob: we could chose to not release the credential collector
functionality with 2.0, and release it afterwards
- Carlisle: do we think end of 2003 is reasonable timeline for 2.0
- Scott: seems very aggressive
- Rob: we don't have to decide this today
- could have some of the WS-Trust authors on one of our calls
- WS-Trust authors will probably need to meet and discuss this
on their own before that
- our joint call doesn't have to happen right away
- Carlisle: what seems to be the inhibitors to submitting WS-Trust
- Rob: thinks they may want to produce another draft first
- [discussion of the usefulness of that]
- Jeff: not sure that it wouldn't be acceptable (IPR & copyright-
wise) to point to their doc and describe uses of it, basically
profiling it
- stays open
>
> AI-0032
> Write text for non-use of artifact confirmation data
> Rob Philpott
>
- CLOSED
>
> AI-0033
> Generative non-normative "Differences between SAML 1.1 and SAML
> 1.0" document
> Prateek Mishra
>
- Prateek: hopes to generate sometime today
>
> AI-0038: Continue developing Metadata specs
> Owner: Jahan Moreh
>
- Jahan: published draft 6 on Friday
- significantly changed from previous version
- appendix lists issues addressed and their resolutions
- awaiting comments
>
> AI-0037: Example text on use of XML DSIG
> Owner: Scott Cantor
>
- Scott: provided to Eve, not sure if in docs
- Rob: yes, it is in docs
- CLOSED
>
> AI-0036: Glossary updates - SSO Assertion, attribute assertion
> Owner: Eve Maler
>
- CLOSED
>
> AI-0035: Refer to Liberty and WSS SAML Profile
> Owner: Eve Maler
>
- CLOSED
>
> AI-0034: Correct document use of xsd:ID
> Owner: Eve Maler
>
- still open
- Scott: sent email this morning
< http://www.oasis-open.org/archives/security-services/
200305/msg00070.html >
- in the course of implementing 1.1, encountered the 2 issues
described in the email
- was going to raise as a last call issue
- if we need to rectify while Eve is out, he can do it
- most serious mistake is in schema, using IDREF, which is only
for references within the doc
- we may need to move up the hierarchy to a xsd:NCName type
- Rob: is this a true technical issue?
- Scott: thinks so
- Rob: does that mean we'll need to restart the Last Call process?
- Jeff: we made the rules up
- suggests after last call, put all the comments together and have
a vote to determine whether you passed last call or not
- is leery of schema changes
- Frederick: thinks WS-Security had similar situation
- Scott: anything derived from IDREF implies the reference points to
something in the document
- the use cases in WS-Security are different than here
- Jeff: section 7 of WS-Security is where this arises
- Scott: described 2nd issue in this morning's email
- people whose parsers choke on this will either have to patch
their parsers or change the schema in order to use our schema
- tossed around with Eve question of what we get out of our layer
of indirection (saml:IDType)
- currently, there isn't any value
- would be invasive to change
- Steve: not changing it would seem to have big impact
>
> 6. Any other business
>
- Prateek: issues with DoNotCache
- will send note to list
- Jahan: will we continue with weekly calls?
- Prateek: thinks we should through at least 20 May
- Errata
- everything is closed
>
> 7. Adjourn
>
- Adjourned
----------------------------------------------------------------------
Attendance of Voting Members:
Irving Reid Baltimore
Hal Lockhart BEA
Carlisle Adams Entrust
Scott Cantor Individual
Bob Morgan Individual
Prateek Mishra Netegrity
Frederick Hirsch Nokia
Timo Skytta Nokia
Steve Anderson OpenNetwork
Rob Philpott RSA Security
Dipak Chopra SAP
Jahan Moreh Sigaba
Bhavna Bhatnagar Sun
Jeff Hodges Sun
Emily Xu Sun
Phillip Hallam-Baker Verisign
Attendance of Observers or Prospective Members:
Jason Rouault HP
Membership Status Changes:
Trevor Perrin Individual - Granted voting status after call
--
Steve
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]