OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [security-services] Minutes for SSTC Telecon, Tuesday 2004-01-20

With attendance/membership info added at the end ...
Steve Anderson

-----Original Message-----
From: RL 'Bob' Morgan [mailto:rlmorgan@washington.edu]
Sent: Tuesday, January 20, 2004 6:09 PM
To: OASIS Security Services TC
Subject: [security-services] Minutes for SSTC Telecon, Tuesday



  Minutes from 2004-01-06 call accepted
  Schema extensibility:  block all substitution
    (section 3.1, option 1 from sstc-maler-schema-extension-01.pdf)

  Previous Action Items Still Open:

  #0115: Update metadata drafts with ID-FF 1.2 materials
  #0114: Propose language to address attribute-based federation
  #0112: Update (W-7) discovery protocol solution proposal
  #0111: Request updated liberty draft on proxied SSO
  #0110: Feedback from LECP profile interop
  #0109: Security concerns with LECP profile
  #0106: Owner for W-8: Authentication Context
  #0105: Respond to IBM Analysis Paper
  #0104: Follow-up on current Meta-data proposals
  #0100: Revise draft-sstc-solution-profile-kerberos-01
  #0099: Review solution proposal in draft-sstc-attribute-02
  #0098: Why does XACML use a URI-based type system
  #0097: Update draft-sstc-attribute-02 with AttributeNamespace Usage
  #0086: Non-HTTP use-cases related to the LECP profile

  New Action Items:

  #  Clarify Issuer vs Signer relationship in SAML
     (prompted by XACML discussion of per-attribute Issuer)

                             Raw Notes

minutes approved from previous call (2004-01-06)

February F2F
  ballot will be posted for indication of attendance
  dial-in will be provided at particular times

1.1 interop at RSA conference
  conf call held on 2004-01-16, 10-12 participants
    both browser profiles
  separate list being used ... info to be sent to SSTC list by RP
    Irving Reid is list maintainer

review of work items without apparent solution proposals:

W-2a:  SSO with Attribute Exchange
W5:  SSO Profile Enhancements
  Prateek will publish material by end of week

W-5b:  SOAP client profile
  JeffH:  sent note indicating that some other work constitutes SP
    Scott:  add in some other proposed stuff too
  Jeff:  not to preclude submission by Tony, but this item should not go
  JohnH:  may be able to work on this before F2F
    concern about overall shape of final documentation
  MikeM:  will be owner, will commit to produce something by next week
    JohnH also will contribute, as will others

W-8:  authn context
  JeffH:  Bill Howard not able to work on this
    will commit to producing something by F2F

W-9:  XML enc
  Hal not on call, status unknown

W-14:  SAML server trust
  JeffH:  non-normative doc, so only "nice to have"
    working to have Liberty trust models doc submitted, author John Linn
  may be able to be released

W-15:  delegation / intermediaries
  BobM:  brief stuff posted earlier today
  Scott:  some stuff is waiting on SSO profile changes
  RonM:  also interested, there is related material in WSS-SAML
    about assertion chaining and obtaining assertions/keys
  Scott to produce next doc

W-17:  cred collector
  JeffH:  SOAP client material covers some of this, also Kerb
  JohnL:  generalizing Kerb stuff makes it the same, right?
  JeffH:  propose to merge with W-5b
    Prateek:  OK

W-19:  HTTP-based Assertion referencing
  Scott:  solution proposal in use-case doc, needs revision, will do

W-21:  Baseline Attribute Namespaces
  BobM:  covered as part of general attribute proposal

W-30:  Migration paths
  Scott:  work going on in Liberty ...

issues list:

#0115:  Jahan will update soon

#0114:  Prateek will publish by next Tuesday

#0113:  Scott:  this is complete

#0112:  Scott:  remains open, will do

#0111:  Scott:  will be discussed at upcoming Liberty F2F, remains open

#0110:  FrederickH:  still need to check with Liberty

#0109:  MaryAnnH:  will work with Tony on clarifying security issue

#0108:  FH:  closed

#0107:  proposal sent to list earlier today, so item closed

#0106:  remains open

#0105:  respond to IBM security analysis
  Scott:  will be responded to based on 2.0 profiles

#0104:  remains open

#0103:  EveM:  proposal sent last night,
  presents extensibility requirements and choices
  EM:  do these meet people's requirements?  (rumbles of consent ...)
    some "success stories" available based on extensions in the world
    current language in conformance protecting against hostile extensions
      need for listing this as requirement?
  SC:  many people don't validate because extensions turn into "must
    understand everything"
  Irving:  goal is to be able to parse document with extension even if
    don't have schema for extension at hand
  EM:  this is pretty strong ...
    can this be a "SHOULD", note effect on Conformance doc
  EM:  presentation of recommendation options ...
  re namespaces:
    BM:  issues re SAML-Attribute namespace captured in
    attribute solution proposal, other Namespace issues?
    IR:  also comes up with Subject nameidentifier ...

making decisions about the above proposals:
motion:  block all substitution (described in section 3.1, option 1)
  passed with unanimous consent
anyType proposal (in 3.2):  not yet baked ...
Scott:  if want to restrict globalness, just avoid global elements
  EM:  this is possible ...

#0102:  proposal posted, item closed

#0101:  poll set up, item closed

  JohnH:  maybe two docs, one to cover generalized version
    another with Kerberos specifics
  Jeff, Scott:  OK

#0099:  remains open
  considerable discussion was had on XACML focus call 2004-01-15
    some items in attribute proposal tentatively resolved
  some followup on XACML list
  BobM:  new Issue about SAML spec needing text describing relationship
    between Issuer and signer of an assertion, since understanding this is
    required for XACML policies to be written

#0098:  remains open

#0097:  remains open

#0086:  remains open

#0084:  closed

Focus call will happen next week, 2004-01-27
Scott:  proposed new text for core based on Von Welch thread
  hoping to discuss that on focus call

adjourned at 10:32 PST


Attendance of Voting Members

  Frank Siebenlist Argonne Natl Lab
  Gavenraj Sodhi Computer Associates
  John Hughes Entegrity Solutions
  Irving Reid HP
  Jason Rouault HP
  Paula Austel IBM
  Maryann Hondo IBM
  Michael McIntosh IBM
  Scott Cantor Individual
  Bob Morgan Individual
  Rebekah Lepro NASA
  Prateek Mishra Netegrity
  Conor Cahill Netscape/AOL
  Peter Davis Neustar
  Frederick Hirsch Nokia
  John Kemp Nokia
  Timo Skytta Nokia
  Charles Knouse Oblix
  Steve Anderson OpenNetwork
  Jim Lien RSA
  John Linn RSA Security
  Rob Philpott RSA Security
  Jahan Moreh Sigaba
  Jeff Hodges Sun
  Eve Maler Sun
  Emily Xu Sun
  Mike Beach The Boeing Company

Attendance of Prospective Members or Observers

  Tim Alsop CyberSafe
  Paul Madsen Entrust
  Rick Randal Booz Allen Hamilton
  Ron Monzillo Sun
  Darren Platt Ping Identity
  Bhavna Bhatnagar Sun
  Miguel Pallares Ericsson
  Tim Moses Entrust

Membership Status Changes
  Von Welch NCSA - Granted voting status after 1/20/2004 call
  Tim Alsop CyberSafe - Granted voting status after 1/20/2004 call
  Paul Madsen Entrust - Granted voting status after 1/20/2004 call
  Bhavna Bhatnagar Sun - Requested membership 1/16/2004
  Miguel Pallares Ericsson - Requested membership 1/20/2004
  Tim Moses Entrust - Withdrew 1/6/2004
  Carolina Canales-Valenzuela Ericsson - Lost prospective status after 1/20/2004 call

To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/security-services/members/leave_workgroup.php.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]