Re: [security-services] SSTC October 14 Minutes

[Paula K Austel <pka@us.ibm.com>]

Please note that I requested membership
on 10/14. 
 
Thanks,
Paula Austel


----------------------------------------------------------
Paula K. Austel
Web Services Security
IBM T.J. Watson Research Center
(914)784-5025
Tieline 863-5025

"Hal Lockhart" <hlockhar@bea.com> 10/17/2003 04:58 PM

To:        <security-services@lists.oasis-open.org>         cc:                 Subject:        [security-services] SSTC October 14 Minutes

Prateek Mishra Chaired.

Roll taken.

Attendance of Voting Members:

  Hal Lockhart BEA
  John Hughes Entegrity Solutions
  Irving Reid HP
  Maryann Hondo IBM
  Anthony Nadalin IBM
  Scott Cantor Individual
  Bob Morgan Individual
  Rebekah Lepro NASA
  Prateek Mishra Netegrity
  Frederick Hirsch Nokia
  Charles Knouse Oblix
  Steve Anderson OpenNetwork
  Eric Gravengaard Reactivity
  Jim Lien RSA
  John Linn RSA Security
  Dipak Chopra SAP
  Jahan Moreh Sigaba
  Bhavna Bhatnagar Sun
  Jeff Hodges Sun
  Eve Maler Sun
  Emily Xu Sun


Attendance of Observers or Prospective Members:

  Timo Skytta Nokia
  Michael McIntosh IBM
  Gavenraj Sodhi CA
  John Kemp Individual
  Sameer Sharma Lockheed
  Derek Fu IBM
  Paula Austel IBM
  Frank Siebenlist Argonne Natl Lab


Membership Status Changes:

  Michael McIntosh IBM - Requested membership 10/10/2003
  Gavenraj Sodhi CA - Requested membership 10/14/2003
  Krishna Sankar Cisco - Withdrew 10/1/2003
  Ronald Jacobson Computer Associates - Lost voting status due to
inactivity
  Senthil Sengodan Nokia - Lost voting status due to inactivity
  Simon Godik OverXeer - Lost voting status due to inactivity


Minutes from Sep 30, Conference Call were accepted.
http://lists.oasis-open.org/archives/security-services/200309/msg00103.html



Logistics for October 22-24 Meeting

final head count
availability of call in
start time on Wed? 1:30
Can you get there by train? Yes
Breakout room for WS-I bSP call on Thursday at 12:00

Chairs will publish an Agenda by COB Friday 10/17

Charter Update Vote:
http://lists.oasis-open.org/archives/security-services/200309/msg00105.html

Tony Nadalin objectted to the new charter as noted in his email.
SOme discussion followed.

Vote was taken:

Maryann Hondo IBM and Anthony Nadalin IBM voted Nay.
All other members present voted Aye.
There were no abstentions.
Charter was approved.


Soliciting a volunteer for SSTC liason to ITU
http://lists.oasis-open.org/archives/security-services/200310/msg00035.html

No volunteers yet. Hal said that he might be able to represent both SAML
and
XACML. He also suggested that people could volunteer even if they could
not
commit to going to Geneva in March.

Question: is there a time limit by which they need a volunteer? Chairs
to
check with Karl.



Discussion of Action Items:

#0082: Promised V2.0 Changes

Owner: Eve Maler, Frederick Hirsch

Status: Frederick's part is complete, Eve's is not.

Change Item to be Eve only and still Open


 #0078: IssuerName Enhancement

Owner: Rebekah Lepro

Status: Closed

Irving: Is there a use case for this?

Hal: part of joint OGSI/XACML submission

Rebekah: Makes it easier to map between SAML and XACML

#0077: Authorization Decision Reconciliation

Owner: Hal Lockhart

Status: Closed


#0076: XACML Proposal for Policy Transport

Owner: Hal Lockhart

Status: Closed

Hal: Should this be done in SAML or XACML? Want to know before F2F next
week.
Scott: Only makes sense for SAML to defined generic policy extension point,
rest should be XACML.
General agreement. XACML will work item. Will consider generic Policy
element.

#0075: Attribute Reconciliation

Owner: Rebekah Lepro

Status: Closed

#0074: Create SAML 2.0 issues list

Owner: Eve Maler

Status: Closed

Eve: there is still one open issue looking for a champion. May interact
with
other schema changes.

#0073: Extract enhancement requests from current issues list

Owner: Eve Maler

Status: CLosed - done prior to last F2F

#0070 SAML as a SASL security mechanism

Owner: Bob Morgan

ACTION: Was closed WI #18 created


#0069: Baseline Attribute Namespaces

Owner: Bob Morgan

Status: In progress


#0068: Delegation and Intermediaries

Owner: Bob Morgan

Status: Open


#0066: SSO Profile Enhancements

Owner: Prateek Mishra

Status: Open Prateek will publish note on issues with Liberty

Scott: treat this as a binding issue


#0065: Credentials Collector

Owner: Tim Moses

Status: Closed


#0064: Metadata and Exchange Protocol

Owner: Jahan Moreh

Status: Closed (AKA Discovery) proposed Liberty mechanisms

Jeff: Is actually deployed today in top level DNS servers - will publish
info


#0063: Profile Enhancements for Metadata

Owner: Jahan Moreh

Status: Closed - line changes proposed against 1.1 spec - likely more will
be needed for 2.0


#0061: Kerberos Use Cases for SAML 2.0

Owner: John Hughes

Status: Closed


#0060: Publish pointer to SAML 1.0 Session Materials

Owner: Hal Lockhart

Status: Open - posted during meeting will close next time.

Eve: FOur work items need owners

8 - Authorization context - someone from Entrust (or Voda) will take it

12 Attribute Retrieval
22 Assertion Caching
23 Security Work Flow

After discussion it was decided to defer these for a few months and take
a
look at them again before 2.0 is finished

Ajourn


To unsubscribe from this mailing list (and be removed from the roster of
the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/security-services/members/leave_workgroup.php.