OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Agenda for Conference Call on November 25


1. Accept minutes from November 11 Conference Call
http://lists.oasis-open.org/archives/security-services/200311/msg00044.html


2. Charter Vote Status
http://www.oasis-open.org/apps/org/workgroup/security/ballot.php?id=268&;

Following the rules in 
http://www.oasis-open.org/committees/process.php#charter

the TC has voted to update its charter. We will continue to move forward
with the next steps as described in the OASIS rules.


3. Proposed F2F Schedule
Recognizing that we have spent a certain amount of time on procedural
matters, the chairs have proposed the following dates for the next two F2F
meetings:

(a)  Week of Februrary 2 (F2F #3 - East Coast)

(b)  Week of March 29 (F2F#4 - West Coast)


4. Proposed schedule for scoping and solution proposals
http://lists.oasis-open.org/archives/security-services/200311/msg00106.html

5. Interoperability challenges
   How to respond to commentary?
 
http://lists.oasis-open.org/archives/security-services/200311/msg00027.html

   Proposal 
  (a): SAML 1.1 InterOp Event at RSA2004 

http://lists.oasis-open.org/archives/security-services/200311/msg00031.html

   We need to identify an owner: Rob?

  (b): Identify vendor(s) or sites where SAML 1.1 test suite is available

http://lists.oasis-open.org/archives/security-services/200311/msg00091.html

  We need to identify an owner: ?


6. Eve has published revised work item list 
http://lists.oasis-open.org/archives/security-services/200311/msg00098.html
which includes discussion of use-case scoping for several work items.

We should begin voting on scope on each of the work items as soon as
use-cases are available or adequately defined.


W-1: decide whether to accept advanced use case in addition to base
W-2: reconcile base and extension use cases
W-2a: decide whether to accept use case 
W-3: reconcile Scott and Prateek use cases
W-5 and W-5a: select among use cases
W-7: decide whether to accept use case 
W-8: decide whether to accept use case
W-15: decide whether to accept use case
W-17: decide whether to accept use case
W-19: decide whether to accept use case
W-21: decide whether to accept both base and advanced use cases
W-25: decide whether to accept both base and bridge server use cases
W-28a: reconcile Scott and Rebekah use cases
W-28d: decide whether to accept use case



7. Open Action Items

#0095: Use Case for W-9: XML Encryption 
Owner: Hal Lockhart 
Status: Open 
Assigned: 24 Nov 2003 
Due: --- 
Comments:
Prateek Mishra 2003-11-24 06:23 GMT
Hal will write the use-case for general XML encryption of SAML assertions.
This is distinct from Scott Cantor's work on encrypting name identifiers. 

----------------------------------------------------------------------------
----
 
#0094: Use-Case for W-6: Proxied SSO 
Owner: Scott Cantor 
Status: Open 
Assigned: 24 Nov 2003 
Due: --- 
Comments:
 

----------------------------------------------------------------------------
----
 
#0093: Discovery Protocol Solution Proposal 
Owner: Scott Cantor 
Status: Open 
Assigned: 23 Nov 2003 
Due: --- 
Comments:
Prateek Mishra 2003-11-24 04:36 GMT
AI: Scott Cantor: AI is to take relevant spec from Liberty and produce draft
proposal 

----------------------------------------------------------------------------
----
 
#0092: Assertion-level Subject 
Owner: Conor Cahill 
Status: Open 
Assigned: 23 Nov 2003 
Due: --- 
Comments:
Prateek Mishra 2003-11-24 04:31 GMT
AI: Scott Cantor: Connor submitted the Assertion level subject, so he will
be owner if connor doesn't join 

----------------------------------------------------------------------------
----
 
#0091: Solution proposal for null attribute issue 
Owner: Rob Philpott 
Status: Open 
Assigned: 23 Nov 2003 
Due: --- 
Comments:
Prateek Mishra 2003-11-24 04:31 GMT
AI: Rob Philpott: RSA guy made null attribute request, therefore he'll own. 

----------------------------------------------------------------------------
----
 
#0090: SAML elements with mixed version sub-elements 
Owner: Eve Maler 
Status: Open 
Assigned: 23 Nov 2003 
Due: --- 
Comments:
Prateek Mishra 2003-11-24 04:29 GMT
Can a SAML 2.0 response include SAML 1.1 assertion?s The general question is
whether SAML containers of version 2.0 can hold elements belonging to
previous versions. 

----------------------------------------------------------------------------
----
 
#0089: Describe Identity Provider, Service Provider and other roles 
Owner: Eve Maler 
Status: Open 
Assigned: 23 Nov 2003 
Due: --- 
Comments:
Prateek Mishra 2003-11-24 04:25 GMT
This is an action generated during the discussion on the issue list at the
F2F. The point here is that we are moving away from source site terminology
and going towards a new set of terms. 

----------------------------------------------------------------------------
----
 
#0088: Understanding ID-FF AuthNContext Elements 
Owner: Scott Cantor 
Status: Open 
Assigned: 23 Nov 2003 
Due: --- 
Comments:
Prateek Mishra 2003-11-24 03:56 GMT
Scott will find someone who understands ID-FF AuthNContext work to explicate
difference between statementRef and class. Ref is reallife URI that implies
context. Class notion is some sort of higher order 

----------------------------------------------------------------------------
----
 
#0087: UCs for Making Assertions about Issuers of Assertions 
Owner: Irving Reid 
Status: Open 
Assigned: 23 Nov 2003 
Due: --- 
Comments:
Prateek Mishra 2003-11-24 03:51 GMT
ACTION: Scott, Bob, and Irving will develop UCs for Making Assertions about
Issuers of Assertions 

----------------------------------------------------------------------------
----
 
#0086: Non-HTTP use-cases related to the LECP profile 
Owner: Bob Morgan 
Status: Open 
Assigned: 23 Nov 2003 
Due: --- 
Comments:
Prateek Mishra 2003-11-24 03:27 GMT
ACTION: Bob Morgan - more use cases. More generic use cases, may be not
involving HTTP. May involve web dav. 

----------------------------------------------------------------------------
----
 
#0085: Define SAML (it could be derived from LA 1.1) 
Owner: Prateek Mishra 
Status: Open 
Assigned: 23 Nov 2003 
Due: --- 
Comments:
Prateek Mishra 2003-11-24 03:24 GMT
We want to add flows from SP to the IdP in SAML 2.0. To do so we need a
design for an AuthNRequest element. 

----------------------------------------------------------------------------
----
 
#0084: Reconcile terminology in glossary and current use-case document 
Owner: John Kemp 
Status: Open 
Assigned: 23 Nov 2003 
Due: --- 
Comments:
Prateek Mishra 2003-11-24 03:19 GMT
Terminology used in sstc-saml-2.0-issues-draft-01.pdf is not consistent with
terminology found in the current SAML glossary. 

----------------------------------------------------------------------------
----
 
#0083: Gap Analysis between ID-FF proposals and John Kemp Use Cases 
Owner: John Kemp 
Status: Open 
Assigned: 23 Nov 2003 
Due: --- 
Comments:
Prateek Mishra 2003-11-24 03:16 GMT
ACTION from October 24 F2F: SSTC to direct John Kemp to do a gap analysis
based on Liberty's spec. How much work is needed to support richer notion of
session?

Prateek Mishra
Netegrity
 
p: 781-530-6564
c: 617-875-4970



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]