[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Agenda for SSTC Conference Call. December 9
Agenda for SSTC Conference Call, December 9, 2003 -------------------------------------------- 1. Accept minutes from November 25 Conference Call http://lists.oasis-open.org/archives/security-services/200311/msg00169.html 2. Finalize dates for Boston F2F (week of February 2) 3. RSA2004 SAML 1.1 InterOp Next Steps http://lists.oasis-open.org/archives/security-services/200312/msg00036.html 4. Use-Case Scope Finalization Note that latest scope document is available from: http://www.oasis-open.org/apps/org/workgroup/security/download.php/4434/sstc -saml-scope-2.0-draft-11.pdf We will go through those work items that have been identified as requiring use-case scoping, re-affirm ownership and vote if needed. +++++++++++++++++++++++ W-1: Session Support Vote or achieve consensus on functionality as described in http://lists.oasis-open.org/archives/security-services/200312/msg00038.html P1 : SAML AA (authentication authority) creates and maintains session P2: Mechanism to propagate session identifier from AA to SP P3: Request-Response Protocol for Logout P4: Idle-timeout protocol based on AA polling SP's about user-activity P5: Static timeout notification: AA indicates to SP SessionTimeout and SessionIdleTimeout values +++++++++++++++++++++++ W-2: Identity Federation Accept use-case as described in scope document +++++++++++++++++++++++ W-2a: SSO with attribute exchange Accept use-case as described in scope document +++++++++++++++++++++++ W-3: Metadata and Exchange Protocol Accept use-case as described in scope document +++++++++++++++++++++++ W-5: SSO Profile Enhancements - Use Case is flow from SP to IdP Accept use-case as described in scope document +++++++++++++++++++++++ W-5a: LECP Profile Accept use-case as described in scope document +++++++++++++++++++++++ W-5b: SOAP Client Profile Accept use-case as described in scope document NOTE: We need an owner for this work item +++++++++++++++++++++++ W-6: Proxied SSO Accept use-case as described in http://lists.oasis-open.org/archives/security-services/200312/msg00001.html (missing from scope document) +++++++++++++++++++++++ W-7: Discovery Protocol Accept use-case as described in scope document +++++++++++++++++++++++ W-8: Authentication Context Accept use-case as described in scope document +++++++++++++++++++++++ W-9: XML Encryption Accept use-case as described in http://lists.oasis-open.org/archives/security-services/200311/msg00116.html http://lists.oasis-open.org/archives/security-services/200312/msg00039.html (missing from scope document) ++++++++++++++++++++++++ W-15: Delegation and Intermediaries Accept use-case as described in http://lists.oasis-open.org/archives/security-services/200312/msg00004.html http://lists.oasis-open.org/archives/security-services/200312/msg00035.html http://lists.oasis-open.org/archives/security-services/200312/msg00040.html http://lists.oasis-open.org/archives/security-services/200312/msg00041.html (missing from scope document) ++++++++++++++++++++++++ W-17: Credential Collector Proposal Accept use-case as described in scope document +++++++++++++++++++++++++ W-19: HTTP-based Assertion Referencing Accept use-case as described in scope document ++++++++++++++++++++++++++ W-21: Baseline Attribute Namespaces There are two choices here: P1: Restrict to X500/LDAP attribute names and types as described in draft-morgan-SAML-attr-500 P2: Extend to include attribute names relevant to database, UDDI etc. (scope document describes both of the use-cases) +++++++++++++++++++++++++++ W-25: Kerberized Web Browser Profile Accept use-case as described in Section 3.2 of draft-sstc-use-kerberos +++++++++++++++++++++++++++++ W-28a2: Reconcile existing attribute usage with XACML Accept use-case as described in scope document ++++++++++++++++++++++++++++++ W-28d: Issuer Name Enhancement Accept use-case as described in scope document ++++++++++++++++++++++++++++++ 5. Open Action Items #0096: Find an owner for W28a1: Existing attribute Usage Codification Owner: Status: Open Assigned: 08 Dec 2003 Due: --- Comments: ---------------------------------------------------------------------------- ---- #0093: Discovery Protocol Solution Proposal Owner: Scott Cantor Status: Open Assigned: 23 Nov 2003 Due: --- Comments: Prateek Mishra 2003-11-24 04:36 GMT AI: Scott Cantor: AI is to take relevant spec from Liberty and produce draft proposal ---------------------------------------------------------------------------- ---- #0088: Understanding ID-FF AuthNContext Elements Owner: Scott Cantor Status: Open Assigned: 23 Nov 2003 Due: --- Comments: Prateek Mishra 2003-11-24 03:56 GMT Scott will find someone who understands ID-FF AuthNContext work to explicate difference between statementRef and class. Ref is reallife URI that implies context. Class notion is some sort of higher order ---------------------------------------------------------------------------- ---- #0087: UCs for Making Assertions about Issuers of Assertions Owner: Irving Reid Status: Open Assigned: 23 Nov 2003 Due: --- Comments: Prateek Mishra 2003-11-24 03:51 GMT ACTION: Scott, Bob, and Irving will develop UCs for Making Assertions about Issuers of Assertions Prateek Mishra 2003-12-08 22:25 GMT Scott has published a note on this issue: http://lists.oasis-open.org/archives/security-services/200310/msg00213.html Bob and Irving will comment. ---------------------------------------------------------------------------- ---- #0086: Non-HTTP use-cases related to the LECP profile Owner: Bob Morgan Status: Open Assigned: 23 Nov 2003 Due: --- Comments: Prateek Mishra 2003-11-24 03:27 GMT ACTION: Bob Morgan - more use cases. More generic use cases, may be not involving HTTP. May involve web dav. ---------------------------------------------------------------------------- ---- #0084: Reconcile terminology in glossary and current use-case document Owner: John Kemp Status: Open Assigned: 23 Nov 2003 Due: --- Comments: Prateek Mishra 2003-11-24 03:19 GMT Terminology used in sstc-saml-2.0-issues-draft-01.pdf is not consistent with terminology found in the current SAML glossary.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]