OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Eve AIs from the last F2F

Regarding my status on the collected action items from the F2F minutes:

Philpott, Robert wrote:
> Action Item Summary and items that need followup:
>    1. AI: Jeff H (or Scott?): Write up info for migration document
>       describing Subject changes
>    2. AI: JohnK to propose text to meet the privacy needs when using
>       specific NameID Format values.
>    3. AI: All doc editors: We need to update the contributors vs. the
>       editors

We will do this as CD time approaches.  I'm happy to do this editing in 
all of the specs, since it's easier for one person to do this cutting 
and pasting in rapid-fire fashion.

>    4. Review at some future point: EncryptedNameID recipient attribute
>    5. Resolution: Extensions element - change Extension to use ##other

This is done in core-10, I believe.

>    6. AI: Artifact Protocol: Review/fix boilerplate text re:
>       recommendation for protecting messages
>    7. AI: RL Bob/Irving: Need to change the wording for the first
>       paragraph under section 3.5.3 Processing Rules.
>    8. AI: Scott: propose change to RegisterNameIdentifier to handle
>       unregister case and consider specifying an attribute that
>       identifies intent of operation.
>    9. Follow-up: Examine SAML schema for consistent use of XML
>       attributes vs. elements

This is now an issue in the issues list.

>   10.  AI:  Eve: Optional subject implemented in core spec prose. Schema
>       shows that subject is optional.

Scott did this in core-10.  People should take a look at the diffs in 
this draft.  (I have one question, myself...)

>   11.  Follow-up: Need schema and some examples for use of encryption.

Scott and I haven't had time to do this, but it's on our list.

>   12.  AI: Hal: revise proposal to include decisions made re: encryption
>       along with details on use cases.
>   13.  AI:  Editors: Produce spec text that adheres to encryption
>       proposal for group review.
>   14.  AI: Hal: Look at SOAP binding and make sure hand waving on
>       WS-Security works.
>   15.  AI: Eve will send a follow-up message to Anne Anderson, which may
>       be possible to discuss at an XACML meeting tomorrow. (This AI has
>       already been completed)

There's been further back-and-forth on this; hopefully we'll discuss today.

>   16.  AI: Chairs to solicit comments on use of gzip encoding for URL
>       encoding
>   17.  AI: Jeff Hodges will make a concrete proposal for a common
>       artifact format.
>   18.  AI: Fred Hirsch will propose text re: FIPS cipher suites.
>   19.  AI: Scott: Relax AuthenticationStatement Occurrence
>   20.  AI: Prateek takes ownership of driving a discussion on limiting
>       combinations.
>   21.  AI: (Frederick?) ECP Section - need to add back SOAP
>       Header to allow an ECP to get info from the SP without having to
>       parse AuthnRequest.
>   22.  AI: (unassigned) - re: Validity - Document the solution proposal
>       by which issuers are not constrained by
>   23.  AI: RL 'Bob' - need text in Core explaining notion of
>       ValidityPeriod is tied to 1)
>   24.  AI: Scott Cantor - re: validity - add ReauthenticateOnOrAfter
>   25.  AI: On hold - make schema changes so that AM and AuthContext are
>       parallel choices

Scott did a little work in this general area in core-10, and John K. has 
been hard at work on the authn context classes.  I think we'll 
*probably* be able to make AM go away...

>   26.  AI: Prateek & Rob - send out message requesting opinions on
>       deprecation of SAML AuthenticationMethod URIs
>   27.  AI: Scott - Determine how Kerberos principals can be represented
>       as NameIdentifiers.

Scott has added a new name identifier URI for Kerb principals in core-10.

>   28.  AI: Prateek - forward Technical Overview 1.1 to external parties
>       that had comments on draft
>   29.  AI: Chairs - publish message to list asking for review of
>       technical overview 1.1 and indicate that vote to bring to
>       committee draft will be at SSTC meeting in two weeks from this week.
>   30.  AI: Jeff H - to propose glossary definition for binding and
>       profile, issue TECH-4
>   31.  AI: Scott - "Binding conditions" proposal
>   32.  AI: Prateek - to review core for locations where privacy
>       considerations are implicit
>   33.  AI: Eve - implement decision on core 18 after checking with Ron

(That's the "CORE-18" issue; I hadn't realized that the issue numbers 
would look ambiguous next to particular revs of the core document!) 
This is done in rev core-10.

>   34.  AI: Hal - to send focus call information to XACML list regarding
>       SSTC focus call
>   35.  AI: Rob - put Kavi polls for location and dates for next F2F
>   36.  AI: Prateek - to put out notice to saml-dev, id-ff vendors and
>       others for saml2 related implementation experience, now, give
>       early notice regarding later attestations.
>   37.  AI: JeffH - send notice to Liberty members requesting interest in
>       creating SSTC implementations from parties that have met Liberty
>       1.1 conformance tests
>   38.  AI: Eve -  publish tentative schedule on home page


>   39.  AI: Eve to publish core-09 by Tuesday

Done, though late -- historical now!

>   40.  AI: Frederick to send his updates on bindings and profile to
>       Scott who will then incorporate additional edits.
>   41.  AI: John H - draft of technical 1 pager with final deadine end of
>       April
>   42.  Deferred item: Discuss ITU-T status at upcoming con-call.
>   43.  Deferred item: Baseline Attribute Status and Next Steps -
>       sstc-hughes-mishra-baseline-attributes-01 (yet to appear :-)
>   44.  Deferred item: Review AI and list and extract dates from
>       owners/close items
>   45.  Deferred item: Establish which work items are "complete" and
>       those that need work
>   46.  Deffered item: John Kemp - examine authentiation context method

Eve Maler                                        +1 781 442 3190
Sun Microsystems                            cell +1 781 354 9441
Web Products, Technologies, and Standards    eve.maler @ sun.com

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]