OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [security-services] Agenda for the April 27 Conference Call


If possible, I'd like to take advantage of having a quorum to decide the 
priority-A issues on the issues list:

http://www.oasis-open.org/committees/download.php/6259/sstc-saml-2.0-issues-draft-08-diff.pdf

CORE-11 Validity Period of Identifiers
CORE-19 Multiple Encryption Keys and Recipient Information
CORE-20 Change AuthnContextStatement Element Name
BIND-3 Establish a Mandatory Profile
TECH-2 Versioning of Elements
TECH-3 Impersonation Using SubjectConfirmation and KeyInfo

I expect that some of these, at least, should be relatively easy to 
settle.  We had prioritized them as A's, not necessarily because of 
their "degree of difficulty," but because we felt implementors would 
need to know their outcome as soon as possible.

(I also think we should try and knock down the prio-B's on the May 11 
call...)

	Eve

Mishra, Prateek wrote:

> Agenda for SSTC Telecom, Tuesday, 27 April
> ------------------------------------------
> 
> Dial in info: +1 865 673 6950 #351-8396
> 
> 
> 1. Approval of Minutes from Previous Conference Call
> 
> http://lists.oasis-open.org/archives/security-services/200404/msg00057.html
> 
> 
> 
> 2. F2F Meeting Ballots have closed
> 
> 
> I can attend during the week of 07-June  13 I can attend during the week of
> 14-June  13  
> 
> With Toronto leading.
> 
> 
> 3. F2F Proposed dates
> 
> Monday,    June 14, 10:00-5:00
> Tuesday,   June 15, 9:00-5:00
> Wednesday, June 16, 9:00-2:00
> 
> HP/Irving Reid to host in Toronto, Ontario, Canada
> 
> 
> 4. 
> 
> (a) proposal concerning attributes in core text and relationship to SAML
> Attribute Profiles document:
> 
> 
> 	(1) The SAML Core document retain a fairly high-level approach
> towards
> 	<samlp:AttributeQuery> and <saml:AttributeDesignator> elements. In
> 	particular, it should not specify elements/attributes/values which
> are 	of interest only to particular communities. 
> 
> 	We would retain URI-based attribute naming within core and
> 	also include language explaining how to determine
> 	identity of <attributedesignators> for this case
> 
> 
> 	This would also mean removal of <samlp:Resource> 
> 
> 	(2) Guidance on creating specific attribute profiles be provided in
> a
> 	separate document (A first cut is available in the most recent draft
> of 	the Attribute Profiles for SAML 2.0,
> 	draft-hughes-mishra-baseline-attributes-03.pdf). This would include
> the
> 	naming profiles (ValueType attribute), any additional XML attributes
> defined 	by the profile, syntax for attribute names, rules for
> determining equality of attribute designators.
> 
> 	(3) Specific attribute profiles of interest to the SAML community be
> added
> 	to the document. The current document includes definitions of a
> X.500/LDAP and DCE UUID profile. 
> 
> 
> (b) XACML Attribute Profile Proposal 
> 
> 	We see value in there being a SAML attribute profile that is
> compatible 	with XACML's needs.  Such a profile would in no way
> constrain    	application of the more general definition of SAML.
> 
> 	To this end, we make the following proposal: we would develop a
> profile 	for SAML attributes that are to form input to an XACML
> decision engine.  
>         Such a profile would be progressed under the procedures of the SAML
> committee, 
>         but the XACML committee would supply the development effort.  
>         Members of the SAML committee (of course) would be expected to
> review the profile 
>         from the point of view of consistency with the aims of the SAML
> committee and to 
>         approve it as one of their products.
> 
> 	There are a number of reasons for proposing this as a SAML (rather
> than 	an
> 	XACML) work item.  The first is that we want to ensure that the SAML
> expertise is 
> 	brought to bear on the topic.  The second is that we expect SAML
> attribute 
> 	designers to seek guidance amongst the documents of the SAML
> committee, 	rather than 
> 	any other (such as XACML).  The final reason is that
> 	(obviously) we ARE talking about a profile of the SAML spec., not
> the 	XACML spec..
> 
> 
> (c)  Review of recently published drafts
> 
>  
> http://www.oasis-open.org/apps/org/workgroup/security/download.php/6527/sstc
> -saml-authn-context-2.0-draft-04a-diff.sxw
> 
> 
>  
> http://www.oasis-open.org/apps/org/workgroup/security/download.php/6438/sstc
> -saml-profiles-2.0-draft-06-diff.pdf
> 
> 
> (d) Action Item Review 
> 
>     CONSOLIDATED LIST TO FOLLOW IN THE AM

-- 
Eve Maler                                        +1 781 442 3190
Sun Microsystems                            cell +1 781 354 9441
Web Products, Technologies, and Standards    eve.maler @ sun.com



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]