RE: [security-services] Agenda for Conference Call on November 25

["Hal Lockhart" <hlockhar@bea.com>]

I would like to add an item about clarifying the Liberty IPR claims.

Hal

> -----Original Message-----
> From: Mishra, Prateek [mailto:pmishra@netegrity.com]
> Sent: Monday, November 24, 2003 1:53 AM
> To: 'security-services@lists.oasis-open.org'
> Subject: [security-services] Agenda for Conference Call on November 25
>
>
> 1. Accept minutes from November 11 Conference Call
> http://lists.oasis-open.org/archives/security-services/200311/msg0
> 0044.html
>
>
> 2. Charter Vote Status
> http://www.oasis-open.org/apps/org/workgroup/security/ballot.php?id=268&;
>
> Following the rules in
> http://www.oasis-open.org/committees/process.php#charter
>
> the TC has voted to update its charter. We will continue to move forward
> with the next steps as described in the OASIS rules.
>
>
> 3. Proposed F2F Schedule
> Recognizing that we have spent a certain amount of time on procedural
> matters, the chairs have proposed the following dates for the next two F2F
> meetings:
>
> (a)  Week of Februrary 2 (F2F #3 - East Coast)
>
> (b)  Week of March 29 (F2F#4 - West Coast)
>
>
> 4. Proposed schedule for scoping and solution proposals
> http://lists.oasis-open.org/archives/security-services/200311/msg0
> 0106.html
>
> 5. Interoperability challenges
>    How to respond to commentary?
>
> http://lists.oasis-open.org/archives/security-services/200311/msg0
> 0027.html
>
>    Proposal
>   (a): SAML 1.1 InterOp Event at RSA2004
>
> http://lists.oasis-open.org/archives/security-services/200311/msg0
> 0031.html
>
>    We need to identify an owner: Rob?
>
>   (b): Identify vendor(s) or sites where SAML 1.1 test suite is available
>
> http://lists.oasis-open.org/archives/security-services/200311/msg0
> 0091.html
>
>   We need to identify an owner: ?
>
>
> 6. Eve has published revised work item list
> http://lists.oasis-open.org/archives/security-services/200311/msg0
> 0098.html
> which includes discussion of use-case scoping for several work items.
>
> We should begin voting on scope on each of the work items as soon as
> use-cases are available or adequately defined.
>
>
> W-1: decide whether to accept advanced use case in addition to base
> W-2: reconcile base and extension use cases
> W-2a: decide whether to accept use case
> W-3: reconcile Scott and Prateek use cases
> W-5 and W-5a: select among use cases
> W-7: decide whether to accept use case
> W-8: decide whether to accept use case
> W-15: decide whether to accept use case
> W-17: decide whether to accept use case
> W-19: decide whether to accept use case
> W-21: decide whether to accept both base and advanced use cases
> W-25: decide whether to accept both base and bridge server use cases
> W-28a: reconcile Scott and Rebekah use cases
> W-28d: decide whether to accept use case
>
>
>
> 7. Open Action Items
>
> #0095: Use Case for W-9: XML Encryption
> Owner: Hal Lockhart
> Status: Open
> Assigned: 24 Nov 2003
> Due: ---
> Comments:
> Prateek Mishra 2003-11-24 06:23 GMT
> Hal will write the use-case for general XML encryption of SAML assertions.
> This is distinct from Scott Cantor's work on encrypting name identifiers.
>
> ------------------------------------------------------------------
> ----------
> ----
>
> #0094: Use-Case for W-6: Proxied SSO
> Owner: Scott Cantor
> Status: Open
> Assigned: 24 Nov 2003
> Due: ---
> Comments:
>
>
> ------------------------------------------------------------------
> ----------
> ----
>
> #0093: Discovery Protocol Solution Proposal
> Owner: Scott Cantor
> Status: Open
> Assigned: 23 Nov 2003
> Due: ---
> Comments:
> Prateek Mishra 2003-11-24 04:36 GMT
> AI: Scott Cantor: AI is to take relevant spec from Liberty and
> produce draft
> proposal
>
> ------------------------------------------------------------------
> ----------
> ----
>
> #0092: Assertion-level Subject
> Owner: Conor Cahill
> Status: Open
> Assigned: 23 Nov 2003
> Due: ---
> Comments:
> Prateek Mishra 2003-11-24 04:31 GMT
> AI: Scott Cantor: Connor submitted the Assertion level subject, so he will
> be owner if connor doesn't join
>
> ------------------------------------------------------------------
> ----------
> ----
>
> #0091: Solution proposal for null attribute issue
> Owner: Rob Philpott
> Status: Open
> Assigned: 23 Nov 2003
> Due: ---
> Comments:
> Prateek Mishra 2003-11-24 04:31 GMT
> AI: Rob Philpott: RSA guy made null attribute request, therefore
> he'll own.
>
> ------------------------------------------------------------------
> ----------
> ----
>
> #0090: SAML elements with mixed version sub-elements
> Owner: Eve Maler
> Status: Open
> Assigned: 23 Nov 2003
> Due: ---
> Comments:
> Prateek Mishra 2003-11-24 04:29 GMT
> Can a SAML 2.0 response include SAML 1.1 assertion?s The general
> question is
> whether SAML containers of version 2.0 can hold elements belonging to
> previous versions.
>
> ------------------------------------------------------------------
> ----------
> ----
>
> #0089: Describe Identity Provider, Service Provider and other roles
> Owner: Eve Maler
> Status: Open
> Assigned: 23 Nov 2003
> Due: ---
> Comments:
> Prateek Mishra 2003-11-24 04:25 GMT
> This is an action generated during the discussion on the issue list at the
> F2F. The point here is that we are moving away from source site
> terminology
> and going towards a new set of terms.
>
> ------------------------------------------------------------------
> ----------
> ----
>
> #0088: Understanding ID-FF AuthNContext Elements
> Owner: Scott Cantor
> Status: Open
> Assigned: 23 Nov 2003
> Due: ---
> Comments:
> Prateek Mishra 2003-11-24 03:56 GMT
> Scott will find someone who understands ID-FF AuthNContext work
> to explicate
> difference between statementRef and class. Ref is reallife URI
> that implies
> context. Class notion is some sort of higher order
>
> ------------------------------------------------------------------
> ----------
> ----
>
> #0087: UCs for Making Assertions about Issuers of Assertions
> Owner: Irving Reid
> Status: Open
> Assigned: 23 Nov 2003
> Due: ---
> Comments:
> Prateek Mishra 2003-11-24 03:51 GMT
> ACTION: Scott, Bob, and Irving will develop UCs for Making
> Assertions about
> Issuers of Assertions
>
> ------------------------------------------------------------------
> ----------
> ----
>
> #0086: Non-HTTP use-cases related to the LECP profile
> Owner: Bob Morgan
> Status: Open
> Assigned: 23 Nov 2003
> Due: ---
> Comments:
> Prateek Mishra 2003-11-24 03:27 GMT
> ACTION: Bob Morgan - more use cases. More generic use cases, may be not
> involving HTTP. May involve web dav.
>
> ------------------------------------------------------------------
> ----------
> ----
>
> #0085: Define SAML (it could be derived from LA 1.1)
> Owner: Prateek Mishra
> Status: Open
> Assigned: 23 Nov 2003
> Due: ---
> Comments:
> Prateek Mishra 2003-11-24 03:24 GMT
> We want to add flows from SP to the IdP in SAML 2.0. To do so we need a
> design for an AuthNRequest element.
>
> ------------------------------------------------------------------
> ----------
> ----
>
> #0084: Reconcile terminology in glossary and current use-case document
> Owner: John Kemp
> Status: Open
> Assigned: 23 Nov 2003
> Due: ---
> Comments:
> Prateek Mishra 2003-11-24 03:19 GMT
> Terminology used in sstc-saml-2.0-issues-draft-01.pdf is not
> consistent with
> terminology found in the current SAML glossary.
>
> ------------------------------------------------------------------
> ----------
> ----
>
> #0083: Gap Analysis between ID-FF proposals and John Kemp Use Cases
> Owner: John Kemp
> Status: Open
> Assigned: 23 Nov 2003
> Due: ---
> Comments:
> Prateek Mishra 2003-11-24 03:16 GMT
> ACTION from October 24 F2F: SSTC to direct John Kemp to do a gap analysis
> based on Liberty's spec. How much work is needed to support
> richer notion of
> session?
>
> Prateek Mishra
> Netegrity
>
> p: 781-530-6564
> c: 617-875-4970
>
>
> To unsubscribe from this mailing list (and be removed from the
> roster of the OASIS TC), go to
http://www.oasis-open.org/apps/org/workgroup/security-services/members/leave
_workgroup.php.