OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [security-services] Agenda for SSTC Conference Call, May 11

My action items: 

> 5.    Open Action Items
> #0153: add ReauthenticateOnOrAfter
> Owner: Scott Cantor

Still open, should be done in next draft.

> #0150: Relax Single AuthNStatement Constraint
> Owner: Scott Cantor
> Status: Open

I believe this may be nominally done, but Bob and I talked about this a
couple of weeks ago, and I'm fairly sure this is a bad idea, unless we do a
better job of explaining what multiple statements are supposed to mean. I
think the old profile is underspecified.

I haven't heard a use case yet for multiple authn statements in this profile
that made sense to me.

> #0148: Artifact format proposal for SAML 2.0
> Owner: Jeff Hodges

I guess this was Jeff's, but I raised it last focus call, and this is done.

> #0139: Followup on a recipient attribute for the encryption key
> Owner: Scott Cantor

Still open, but suspect we need to normatively create some kind of
definition for this thing we varyingly refer to as entityID, providerId,
etc. The intent is to normatively establish a length-limited URI as a
vehicle for identifying system entities in the SAML domain model. Suggest we
add this to core and hang additional spec off of that foundation.

> #0138: Schema snippet for UID Attribute Profile
> Owner: Scott Cantor

Still open.

> #0136: SSO Validity Proposal to be moved into bindings draft
> Owner: Scott Cantor

Believe this is done in latest profiles draft.

> #0133: Review role of EncryptedNameID recipient attribute
> Owner: Scott Cantor

Think this is a duplicate of 139 (or vice versa). 

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]