[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] Agenda for the April 27 Conference Call
If possible, I'd like to take advantage of having a quorum to decide the priority-A issues on the issues list: http://www.oasis-open.org/committees/download.php/6259/sstc-saml-2.0-issues-draft-08-diff.pdf CORE-11 Validity Period of Identifiers CORE-19 Multiple Encryption Keys and Recipient Information CORE-20 Change AuthnContextStatement Element Name BIND-3 Establish a Mandatory Profile TECH-2 Versioning of Elements TECH-3 Impersonation Using SubjectConfirmation and KeyInfo I expect that some of these, at least, should be relatively easy to settle. We had prioritized them as A's, not necessarily because of their "degree of difficulty," but because we felt implementors would need to know their outcome as soon as possible. (I also think we should try and knock down the prio-B's on the May 11 call...) Eve Mishra, Prateek wrote: > Agenda for SSTC Telecom, Tuesday, 27 April > ------------------------------------------ > > Dial in info: +1 865 673 6950 #351-8396 > > > 1. Approval of Minutes from Previous Conference Call > > http://lists.oasis-open.org/archives/security-services/200404/msg00057.html > > > > 2. F2F Meeting Ballots have closed > > > I can attend during the week of 07-June 13 I can attend during the week of > 14-June 13 > > With Toronto leading. > > > 3. F2F Proposed dates > > Monday, June 14, 10:00-5:00 > Tuesday, June 15, 9:00-5:00 > Wednesday, June 16, 9:00-2:00 > > HP/Irving Reid to host in Toronto, Ontario, Canada > > > 4. > > (a) proposal concerning attributes in core text and relationship to SAML > Attribute Profiles document: > > > (1) The SAML Core document retain a fairly high-level approach > towards > <samlp:AttributeQuery> and <saml:AttributeDesignator> elements. In > particular, it should not specify elements/attributes/values which > are of interest only to particular communities. > > We would retain URI-based attribute naming within core and > also include language explaining how to determine > identity of <attributedesignators> for this case > > > This would also mean removal of <samlp:Resource> > > (2) Guidance on creating specific attribute profiles be provided in > a > separate document (A first cut is available in the most recent draft > of the Attribute Profiles for SAML 2.0, > draft-hughes-mishra-baseline-attributes-03.pdf). This would include > the > naming profiles (ValueType attribute), any additional XML attributes > defined by the profile, syntax for attribute names, rules for > determining equality of attribute designators. > > (3) Specific attribute profiles of interest to the SAML community be > added > to the document. The current document includes definitions of a > X.500/LDAP and DCE UUID profile. > > > (b) XACML Attribute Profile Proposal > > We see value in there being a SAML attribute profile that is > compatible with XACML's needs. Such a profile would in no way > constrain application of the more general definition of SAML. > > To this end, we make the following proposal: we would develop a > profile for SAML attributes that are to form input to an XACML > decision engine. > Such a profile would be progressed under the procedures of the SAML > committee, > but the XACML committee would supply the development effort. > Members of the SAML committee (of course) would be expected to > review the profile > from the point of view of consistency with the aims of the SAML > committee and to > approve it as one of their products. > > There are a number of reasons for proposing this as a SAML (rather > than an > XACML) work item. The first is that we want to ensure that the SAML > expertise is > brought to bear on the topic. The second is that we expect SAML > attribute > designers to seek guidance amongst the documents of the SAML > committee, rather than > any other (such as XACML). The final reason is that > (obviously) we ARE talking about a profile of the SAML spec., not > the XACML spec.. > > > (c) Review of recently published drafts > > > http://www.oasis-open.org/apps/org/workgroup/security/download.php/6527/sstc > -saml-authn-context-2.0-draft-04a-diff.sxw > > > > http://www.oasis-open.org/apps/org/workgroup/security/download.php/6438/sstc > -saml-profiles-2.0-draft-06-diff.pdf > > > (d) Action Item Review > > CONSOLIDATED LIST TO FOLLOW IN THE AM -- Eve Maler +1 781 442 3190 Sun Microsystems cell +1 781 354 9441 Web Products, Technologies, and Standards eve.maler @ sun.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]