security-services message


Subject: Agenda for the April 27 Conference Call



Agenda for SSTC Telecom, Tuesday, 27 April
------------------------------------------

Dial in info: +1 865 673 6950 #351-8396


1. Approval of Minutes from Previous Conference Call

http://lists.oasis-open.org/archives/security-services/200404/msg00057.html



2. F2F Meeting Ballots have closed


I can attend during the week of 07-June  13
I can attend during the week of 14-June  13

With Toronto leading.


3. F2F Proposed dates

Monday,    June 14, 10:00-5:00
Tuesday,   June 15, 9:00-5:00
Wednesday, June 16, 9:00-2:00

HP/Irving Reid to host in Toronto, Ontario, Canada


4. 

(a) proposal concerning attributes in core text and relationship to SAML
Attribute Profiles document:


	(1) The SAML Core document retain a fairly high-level approach towards
	<samlp:AttributeQuery> and <saml:AttributeDesignator> elements. In
	particular, it should not specify elements/attributes/values which are
	of interest only to particular communities.

	We would retain URI-based attribute naming within core and
	also include language explaining how to determine
	identity of <attributedesignators> for this case


	This would also mean removal of <samlp:Resource> 

	(2) Guidance on creating specific attribute profiles be provided in a
	separate document (A first cut is available in the most recent draft of
	the Attribute Profiles for SAML 2.0,
	draft-hughes-mishra-baseline-attributes-03.pdf). This would include the
	naming profiles (ValueType attribute), any additional XML attributes
	defined by the profile, syntax for attribute names, rules for
	determining equality of attribute designators.

	(3) Specific attribute profiles of interest to the SAML community be added
	to the document. The current document includes definitions of an
	X.500/LDAP and DCE UUID profile.


(b) XACML Attribute Profile Proposal 

	We see value in there being a SAML attribute profile that is compatible
	with XACML's needs.  Such a profile would in no way constrain
	application of the more general definition of SAML.

	To this end, we make the following proposal: we would develop a profile
	for SAML attributes that are to form input to an XACML decision engine.
	Such a profile would be progressed under the procedures of the SAML
	committee, but the XACML committee would supply the development effort.
	Members of the SAML committee (of course) would be expected to review
	the profile from the point of view of consistency with the aims of the
	SAML committee and to approve it as one of their products.

	There are a number of reasons for proposing this as a SAML (rather than
	an XACML) work item.  The first is that we want to ensure that the SAML
	expertise is brought to bear on the topic.  The second is that we expect
	SAML attribute designers to seek guidance amongst the documents of the
	SAML committee, rather than any other (such as XACML).  The final reason
	is that (obviously) we ARE talking about a profile of the SAML spec.,
	not the XACML spec.


(c)  Review of recently published drafts

 
http://www.oasis-open.org/apps/org/workgroup/security/download.php/6527/sstc-saml-authn-context-2.0-draft-04a-diff.sxw


 
http://www.oasis-open.org/apps/org/workgroup/security/download.php/6438/sstc-saml-profiles-2.0-draft-06-diff.pdf


(d) Action Item Review 

    CONSOLIDATED LIST TO FOLLOW IN THE AM
	

