OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Minutes for SSTC Conference Call, November 11, 2003

Title: Minutes for SSTC Conference Call, November 11, 2003

11-Nov SSTC con-call meeting


Attendance of Voting Members:

  Hal Lockhart BEA

  Gavenraj Sodhi Computer Associates

  John Hughes Entegrity Solutions

  Tim Moses Entrust

  Irving Reid HP

  Paula Austel IBM

  Maryann Hondo IBM

  Michael McIntosh IBM

  Anthony Nadalin IBM

  Scott Cantor Individual

  Bob Morgan Individual

  Rebekah Lepro NASA

  Prateek Mishra Netegrity

  Frederick Hirsch Nokia

  Charles Knouse Oblix

  Steve Anderson OpenNetwork

  Eric Gravengaard Reactivity

  Jim Lien RSA

  John Linn RSA Security

  Rob Philpott RSA Security

  Dipak Chopra SAP

  Jahan Moreh Sigaba

  Bhavna Bhatnagar Sun

  Jeff Hodges Sun

Attendance of Observers or Prospective Members:

  Senthil Sengodan Nokia

  Conor Cahill Netscape/AOL

  Timo Skytta Nokia

Membership Status Changes:

  Senthil Sengodan Nokia - Granted voting status after 11/11/2003 call

  Greg Whitehead Individual - Granted voting status after 11/11/2003 call

  Timo Skytta Nokia - Requested membership 10/28/2003

  Peiyin Pai Computer Associates - Lost voting status after 11/11/2003 call

  Richard Levinson Netegrity - Lost prospective status after 10/28/2003 call

  Robert Aarts Nokia - Lost prospective status after 11/11/2003 call

1. Accept minutes from SSTC F2F: Oct 22-24

-       Minutes from Wed Oct 22 Afternoon to Friday, Oct 24 Morning (includes attendance list)
o       http://lists.oasis-open.org/archives/security-services/200310/msg00184.html
-       Minutes from Friday, Oct 24, Afternoon
o       http://lists.oasis-open.org/archives/security-services/200310/msg00192.html
-       Comments, Corrections
o       http://lists.oasis-open.org/archives/security-services/200310/msg00209.html

-       Minutes accepted with no objection to unanimous consent

2. Accept minutes from SSTC Conference Call, October 28, 2003

-       http://lists.oasis-open.org/archives/security-services/200310/msg00198.html

-       Minutes accepted with no objection to unanimous consent

3. Proposed Amendment to SSTC Standing Rules

-       http://lists.oasis-open.org/archives/security-services/200311/msg00026.html
-       Jeff H moved that the current SSTC standing rule re: e-mail ballots be removed
-       Hal L 2nd
-       Discussion:
o       Current standing rule is historical and is now obsolete as it is superceded by current TC guidelines
o       Held some discussion on the process for doing email balloting and motioning
-       Motion accepted with no objection to unanimous consent
-       Discussion continued on whether there was any interest in permitting TC members to initiate motions by e-mail.  This requires a standing rule.  There was no interest.

ACTION: Chairs to update the standing rules to remove the reference to e-mail ballots.

4. Proposed Charter Update: 

-       Charter text may be found in the document repository
o       sstc-saml-charter-2.0-draft-02.pdf
o       Notice went out: http://lists.oasis-open.org/archives/security-services/200311/msg00025.html
o       OASIS TC Process rules for charter clarification are given at http://www.oasis-open.org/committees/process.php#charter

-       Jeff H: Moves to accept the updated charter
-       Bob M: 2nd
-       Discussion:
o       Tony - IBM posted comments (see Tony's message: http://lists.oasis-open.org/archives/security-services/200311/msg00039.html)

o       What are the voting requirements? 2/3 of total TC voting membership; Not 2/3 of members present at quorum meeting.

o       Frederick: Procedural motion to initiate TC electronic ballot for updating charter with the ballot to be initiated following the close of the Nov 11 con-call.

·       Mike McIntosh: 2nd
·       Discussion: None.
·       Vote: No objection to unanimous consent.
o       Discussion on original motion is in scope during the week and will occur on the list.
o       Bob M would like any suggested revised language to be posted during the voting period.  The revised text will not be part of this vote, but will help in making a decision regarding the current text.

ACTION: Rob to set up electronic ballot for the charter clarification vote to open at 2pm lasting for 7 days.

5. Scoping use-cases for accepted work items

-       http://lists.oasis-open.org/archives/security-services/200311/msg00033.html
-       Jeff: List of good-to-go items are clear. Discussion of other items is needed.
-       Prateek: even some good-to-go items need to be more carefully scoped.
-       Working through Eve's list of work items:

ACTION: Scott has AI for writing use case for W-6.  Bob M will help/review.

-       W-8 Authentication Context:
§       Prateek: Need a champion.  Jeff: Champion is on the call -> Bill Howard from Vodaphone will drive it.
§       Tony: Is there a timeout for the item? We set timelines at F2F.
§       Prateek - Yes we need deadlines.
§       Hal: what worked in XACML was to set 3 dates for each work item:
·       use case/champion/rough scope
·       agreement on solution
·       agreement on document text and schema
§       There is general agreement that this is a good approach for us to also use

-       W-9: XML-Encryption
o       Hal agreed to co-own it with Scott. 
o       Hal: Wasn't the use case published as part of another item by Scott?
o       Scott - That use case and solution proposal only covered Name Identifier encryption.  Need a general use case as well.

ACTION: Hal will write general XML-Encryption use case for W-9

-       W-10: Back Office Profile
o       Prateek - This was folded into W15 (delegation).  Thus, W-10 is not an active work item.

-       W-11: Not an active work item

-       W-12: Pushed onto reassessment list. No use case.  No Owner.

-       W-13: Formally deferred.

-       W-14: Jeff: item won't have functional bearing on protocol or assertion.  But description of how to establish trust agreements is useful.

o       Remains active - awaiting "use case" and proposal on putting framework around SAML and trust relationships.
o       Make this a "Blue" item with Jeff's name.

-       W-15: in progress.

-       W-17: Jeff - should be a "blue" item.

ACTION: Prateek: Review color code of all items.

-       W-18: Should just be a liason item, not a TC deliverable.  Shouldn't be one of the current color codes.

ACTION: Prateek - work with Eve on how to mark liason items and to review all current color-coded items.

-       W-20: Need to ping Dale Moberg and Matt MacK re: activity.  Move this item to "Liason" list.

-       W-21: active.

-       W-26: Change state to reassess.

-       W-27: Put Tony's name on it.  Working through internal IBM process before info can be released.

-       W-28b: sent back to XACML. Not active SSTC work item.

-       W-28c: also sent back to XACML.  But we still need to decide what to do with it from SSTC perspective (e.g. deprecate?).  Close this item but should be on issue list

ACTION: Prateek - ensure it is on issue list.

-       W-30: Put Scott down as an owner. Prateek will co-own.

End of list.

Tony: Prateek's list has some items that aren't in Eve's list.

Prateek: Eve's list is master list. 

Scott - would like Prateek's list info be embedded into Eve's list

Tony - second that idea. General agreement

ACTION: Prateek: work with Eve to incorporate his changes with pointers to use cases, etc.

6. Open Action Items:

#0072  Authentication Context

Owner: Jeff Hodges

Now closed.

7. Other business

Bob M: Since we don't trust the Kavi mail notification system, do we need a standing rule to have the chairs send specific email re: any electronic ballots?

Rob: Don't think it should be a standing rule, but chairs should to do this as a matter of practice.


8. Motion to adjourn.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]