OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Agenda for SSTC Conference Call, April 13


CONFERENCE CALL NUMBER AND CODE:
NEW PHONE NUMBER:

it is now +1 865 673 6950 , code 351-8396#


1. Accept minutes from Austin F2F, 30 March - 1 April

http://lists.oasis-open.org/archives/security-services/200404/msg00020.html

2. Review recent document updates

http://www.oasis-open.org/apps/org/workgroup/security/download.php/6347/sstc
-saml-core-2.0-draft-10-diff.pdf

http://www.oasis-open.org/apps/org/workgroup/security/download.php/6289/sstc
-saml-profiles-2.0-draft-05-diff.pdf

http://www.oasis-open.org/apps/org/workgroup/security/download.php/6324/sstc
-saml-bindings-2.0-draft-09-diff.pdf

3. Refine recent proposals into proposed text

(a) separate SSO-validity from overall assertion validity

http://lists.oasis-open.org/archives/security-services/200404/msg00012.html

Followup proposal from:

http://lists.oasis-open.org/archives/security-services/200404/msg00014.html

"So my idea would be to define a set of attributes in
SubjectConfirmationData
when the method is bearer. Among them would be NotOnOrAfter and probably any
other stuff that needed to be signed as part of profiles that use this
confirmation method."


(b) XACML TC Recommendations for <saml:AttributeDesignator> "metadata"

http://lists.oasis-open.org/archives/security-services/200404/msg00019.html


(c) Discussion on Kerberos issues. Several messages have been exchanged. Do
we have resolution? I couldn't find a summary message.

 
(d) Following discussion at the F2F, there is now a "Attribute Profiles for
SAML 2.0" document. This provides a general framework for defining varied
attribute profiles, such as those based on X.500/LDAP syntax or GUID.

http://www.oasis-open.org/apps/org/workgroup/security/download.php/6344/sstc
-hughes-mishra-baseline-attributes-03.pdf

Should this remain a "non-normative" document? Should it not be viewed as an
additional profile document?


(e) Request to change signature ordinality in Assertion/Request/Response

http://lists.oasis-open.org/archives/security-services/200404/msg00028.html



4. Deferred items from F2F

(a) Hal to summarize SAML ITU-T status 

 (b) Deferred item: Review AI and list and extract dates from owners/close
items
 
 (c) Deferred item: Establish which work items are "complete" and those that
need work
 
 (d) Defferred item: John Kemp - ??examine authentication context method??

  (e) Any others that require airtime?



5. Action Items from F2F (clarify owners and timeline if needed, I will
enter them into the AI repository after the call)
----------------------------------------------------------------------------
----------

1. AI: Jeff H (or Scott?): Write up info for migration document describing
Subject changes 

2. AI: JohnK to propose text to meet the privacy needs when using specific
NameID Format values. 

3. AI: All doc editors: We need to update the contributors vs. the editors 

4. Review at some future point: EncryptedNameID recipient attribute 

5. Resolution: Extensions element - change Extension to use ##other 

6. AI: Artifact Protocol: Review/fix boilerplate text re: recommendation for
protecting messages 

7. AI: RL Bob/Irving: Need to change the wording for the first paragraph
under section 3.5.3 Processing Rules. 

8. AI: Scott: propose change to RegisterNameIdentifier to handle unregister
case and consider specifying an attribute that identifies intent of
operation. 

9. Follow-up: Examine SAML schema for consistent use of XML attributes vs.
elements 

10. AI:  Eve: Optional subject implemented in core spec prose. Schema shows
that subject is optional.
 
11. AI: Hal, Scott?- Follow-up: Need schema and some examples for use of
encryption. 

12. AI: Hal: revise proposal to include decisions made re: encryption along
with details on use cases. 
 
13. AI:  Editors: Produce spec text that adheres to encryption proposal for
group review. 

14. AI: Hal: Look at SOAP binding and make sure hand waving on WS-Security
works.
 
15. AI: Eve will send a follow-up message to Anne Anderson, which may be
possible to discuss at an XACML meeting tomorrow. (This AI has already been
completed)
 
16. AI: Chairs to solicit comments on use of gzip encoding for URL encoding 
 
17. AI: Jeff Hodges will make a concrete proposal for a common artifact
format. 
 
18. AI: Fred Hirsch will propose text re: FIPS cipher suites. 
 
19. AI: Scott: Relax AuthenticationStatement Occurrence 
 
20. AI: Prateek takes ownership of driving a discussion on limiting
combinations of bindings in conformance document.
 
21. AI: (Frederick?) ECP Section 3.3.4.1 - need to add back SOAP Header to
allow an ECP to get info from the SP without having to parse AuthnRequest. 
 
22. AI: (unassigned) - re: Validity - Document the solution proposal by
which issuers are not constrained by 
 
23. AI: RL 'Bob' - need text in Core explaining notion of ValidityPeriod is
tied to 1)
 
24. AI: Scott Cantor - re: validity - add ReauthenticateOnOrAfter 
 
25 AI: On hold (John Kemp) - make schema changes so that AM and AuthContext
are parallel choices 

26. AI: Prateek & Rob - send out message requesting opinions on deprecation
of SAML AuthenticationMethod URIs 
 
27. AI: Scott - Determine how Kerberos principals can be represented as
NameIdentifiers. 

28. AI: Prateek - forward Technical Overview 1.1 to external parties that
had comments on draft 

29. AI: Chairs - publish message to list asking for review of technical
overview 1.1 and indicate that vote to bring to committee draft will be at
SSTC meeting in two weeks from this week. 

30. AI: Jeff H - to propose glossary definition for binding and profile,
issue TECH-4 
 
31. AI: Scott - "Binding conditions" proposal 
 
32. AI: Prateek - to review core for locations where privacy considerations
are implicit 
 
33. AI: Eve - implement decision on core 18 after checking with Ron 

 34. AI: Hal - to send focus call information to XACML list regarding SSTC
focus call 
 
 35. AI: Rob - put Kavi polls for location and dates for next F2F 
 
  36. AI: Prateek - to put out notice to saml-dev, id-ff vendors and others
for saml2 related implementation experience, now, give early notice
regarding later attestations. 
 
 37.  AI: JeffH - send notice to Liberty members requesting interest in
creating SSTC implementations from parties that have met Liberty 1.1
conformance tests 

38.  AI: Eve -  publish tentative schedule on home page 

39. AI: Eve to publish core-09 by Tuesday 

40. AI: Frederick to send his updates on bindings and profile to Scott who
will then incorporate additional edits. 

41. AI: John H - draft of technical 1 pager with final deadine end of April 
 



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]