[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Minutes for Telecon, Tuesday 22 June 2004
In "7. Recent document updates", changed the duplicate URL to point to Paul's Exec Overview draft. Thanks to Frederick for the catch. -- Steve Anderson OpenNetwork -------------------------------------------------------------------------------------- Minutes for SSTC Telecon, Tuesday 22 June 2004 Dial in info: +1 865-673-6950 #351-8396 Minutes taken by Steve Anderson ====================================================================== Summary ====================================================================== Votes: - Minutes from 8 June 2004 call accepted - Begin weekly quorum calls July 6, with quorate portion expected to occur in first hour, and focus portion to follow for remainder - Remove XKMS as an authentication method - Accept all recommendation from F2F concerning Issues disposition ====================================================================== Raw Notes ====================================================================== > > Agenda: > > 1. Roll call > - Attendance attached to bottom of these minutes - Quorum achieved > > 2. Accept minutes from 8 June concall > < http://lists.oasis-open.org/archives/security-services/ > 200406/msg00050.html > > < http://lists.oasis-open.org/archives/security-services/ > 200406/msg00054.html > > - [VOTE] unanimous consent, accepted > > 2b.Accept minutes from 15-17 June F2F > < http://lists.oasis-open.org/archives/security-services/ > 200406/msg00078.html > > - Tony: can we approve minutes from a non-quorate meeting? - just accepting as input to this meeting - Irving: rather than accept the decisions all at once, we should review the decisions as an agenda item - Tony: it's the same as a focus group call - Prateek: goal would be to approve recommendations - [no vote taken] - Rob: proceed with reviewing schedule > > 3. Review schedule and note any changes/updates > > June 15: V2.0 F2F in Toronto > June 22: Review updates since f2f. > June 29: Both Prateek and I will be out -- anyone want a focus call > this week? > > > July 6: All specification suite documents must have incorporated all > input from the list and F2F #5. Note that this gives us 3 > weeks since the F2F to complete all document changes and to > resolve issues and action items. This now begins sort of a > pre-last-call deadline for final input. Depending on how > well things come together, we might possibly start our TC > last call here, but we opted to allow another week before > doing that. > July 13: VOTE to start 2-week committee last call period (includes > external public review). > July 20: Review any last call input to date. > July 27: Cut-off date for TC last call input. All outstanding issues > have been dealt with according to the last call process. The > specs now become our "candidate" Committee Drafts and the TC > addresses any outstanding non-normative editorial issues > August 3: VOTE to move spec's to "Committee Draft" status (requires > YES votes from 2/3 of ALL voting members). VOTE to move CD > spec's into 30-day Public Review for OASIS standardization > (majority vote). Edit doc's for CD status. Notify TC admin > of the start of formal Public Review. > September 7: (first call following 30-day public review): Make sure > all public review comments have been properly > dispatched. Final editorial changes must be complete. > VOTE to re-approve spec's as final Committee Draft and > VOTE to submit to OASIS for standardization. > September 8-15: Complete all submission paperwork. All submissions > for an October voting period must be complete by > September 15. > - Eve: this 29 June call a focus call? - Prateek: there is a proposal to go to weekly formal calls - Rob: Jeff's suggestion was to make first part of weekly calls "official" with votes, etc, then treat remainder as focus call - Irving: so, do we start weekly calls next week with chair pro tem, or just wait until July 6? - [MOTION] Begin weekly quorum calls July 6, with quorate portion expected to occur in first hour, and focus portion to follow for remainder - [VOTE] no objections, accepted - Conor: will this be indefinitely? - Jeff: in the past this has been until docs got into OASIS for approval - can cancel meetings as appropriate - Irving: eventually, someone will propose returning to bi-weekly > > 4. Review action item list from F2F and determine status of each > (a) any missing actions? > (b) clarification and dates > - Prateek: we'll review the minutes from the F2F, with goal of accepting recommendations as a set - starting with AI's at top - 1. Editors to resolve submission process for additional Authn Context classes / Bindings / Profiles - JohnK: thinks this became general question of process, not specific to these docs - Scott: there was complaint about boilerplate text - JohnK: do we think current process for submission of profiles is sufficient? - Rob: there's another AI for submission process - Scott: question is whether submitted profiles get added to single profile doc or not - we can just say "there is a process", and later post the process on the web site - [ACTION] JohnK & Scott to propose text concerning process for submitting new profiles, etc. - 2. JohnK and Scott to move Authn Context Declarations to XML Schema centric approach - JohnK: has been working on this, thinks he's got it solved - should have new draft prior to next week's meeting - [OWNER: JohnK] - 3. Scott to ping Peter for additional text, subsequent to that there will need to be a review to ensure that the appropriate SHOULDs etc are there. - Scott: has pinged him, still waiting - [CLOSED] - 4. Scott to reorganize section 4 (Metadata) to clarify - Scott: related to 3 - Peter has more thoughts on these - remains OPEN - 5. Scott to clean up the text around the different types of profiles in Section 1.1 - Scott: remains open - 6. investigate profile designator for statement and query - potentially allowing for endpoint metadata - issue was whether NULL profile was needed, etc - [OWNER: Scott] - 7. Scott to talk to RL Bob (re: BER & DER issues in LDAP/X.500 profile?) - Scott: initial AI was done - result is that intent was, in fact, different - need someone to propose new text - [CLOSED] - Scott: will see RLBob next week, and can ask him what he thinks we should do - would characterize this more as an Issue than Action - [ACTION] RLBob to review & propose text for handling syntax of attr values - 8. Prateek to ping John H for clarification (re: UUID's being used with attribute values) - Prateek: we completed this the next day - [CLOSED] - 9. Scott to incorporate into document. include reference to Appendix A. (re: XACML profile) - Prateek: issue was to include a section on XACML - still OPEN - 10. Need clarification as to what is the target namespace for the DataType element? (re: XACML profile) - Prateek: thought this was an action to Scott - do we need inputs from XACML on this? - Scott: don't think it matters - if we put it in core, it will be in our namespace - if we put it in a profile, it will need a separate ns - we decided to move FriendlyName to core, since it is shared by multiple profiles - still OPEN - 11. Paul Madsen to take the exec overview document - Paul: posted first draft to list - CLOSED - awaiting feedback - 12. Scott will investigate use of wiki on Oasis site - Scott: this will wait - still OPEN - 13. chairs to put item regarding errata process on the concall agenda - [OWNER: Prateek, Rob] - Scott: sense of meeting was to establish a 2.0 errata process now - Prateek: idea was that in 1.0, we didn't have such a process, which lead to confusion - Jahan: can we not follow what we did for 1.1? - Scott: don't want to publish whole new rev for errata - Hal: OASIS has only recently accepted notion of errata - 14. (Jeffh) Resolve status of RFC (re: syntax of UUID as URI) - Jeff: done, posted to list - CLOSED - 15. (Scott) to document the well-known values for the DCE attribute name - stays OPEN - 16. (Scott) Will fix spec. to be more precise about use of encryption with name identifiers (per discussion on PKI-based attr profile) - Scott: done in next working draft - CLOSED - 17. Rick R. (and customer) should read and accept the OASIS IPR policy for document submission - Rick: planning to send it today - stays OPEN - 18. (chairs) discuss + resolve general approach to new profile - Prateek: duplicate of #1 - CLOSED - 19. Jeff to add security context to Glossary - stays OPEN - 20. Jeff to help with sequence diagrams for profiles - Jeff: in progress - stays OPEN - 21. Rob to enumerate the implementation declarations/claims of interest. Prateek and Scott will contribute - Prateek: wasn't this completed on day 3? on a spreadsheet? - Rob: yes, but still has long way to go - sent to list - CLOSED - 22. Hal will look at OneTimeUse text again and attempt to clarify - Hal: in progress - stays OPEN - 23. John K. to clarity text on 909-911 on SessionIndex - stays OPEN - related to 24 - 24. John K. to look up why SessionIndex is required - stays OPEN - related to 23 - 25. Scott to propose alternate text for section 22.214.171.124, strike 126.96.36.199-188.8.131.52 and rewrite 184.108.40.206-220.127.116.11 - stays OPEN - 26. Hal to get expert advice on how to prevent caching by proxies and user agents - stays OPEN - Prateek: on to Issues - 1. Deprecation/removal of XKMS authn context class - should these just be added to Issues list? - Scott: some were resolved - could be added to Issues list and closed - JohnK: on XKMS, we did remove it as an authentication method, but it could be added back as a sort of OCSP-like mechanism - Eve: should be approve the removal on this call? - [MOTION] Remove XKMS as an authentication method - [VOTE] no objections, accepted - 2. Versioning in Profiles and Metadata - CLOSED - related to version attr that was added to element - resolution was to remove version attr, and the element that was the endpoint type would relate directly to profile version - [ISSUE] Versioning of profiles in general - 3. How to represent support for attribute profiles in metadata - definitely not yet resolved - needs to be captured in Issues list - in next call, we'll go thru current outstanding issues - [ISSUE a] How to represent support for attr profiles in metadata - [ISSUE b] How to represent support for attr profiles in core - 4. Verify purpose of EncryptionMethod in KeyDescriptor in metadata - Scott: (asking Greg) this is for the wrapped key, right? - Greg: not clear agreement in recent interop - thinks most were using it for bulk encryption, not key wrap - Scott: if this is for bulk encryption, it's in wrong place in metadata - Greg: agreed - Issue remains open - 5. SSO profile is different in how role division is split across request response - Scott: wouldn't call this an issue - was just a question in the metadata spec, and came to his own conclusion - CLOSED - 6. SSODescriptorType shouldn't be a base - Scott: thinks we resolved this - CLOSED - additionally, decided ID & SP descriptor elements need "SSO" in names - 7. Need new name for AttributeRequestingService - Scott: was resolved - changed back to AttributeConsumingService - CLOSED - Prateek: one action not covered (from day 3) was IBM paper on BAP - JohnL and Prateek to produce draft response to IBM paper on BAP - expect late July - Prateek: meeting notes may be missing 3rd day morning portion - Rob: looks like I am missing Jeff's notes - Rob: will send updated notes - item is captured as [ACTION] in missing minutes - Scott: there was a change resulting from this paper as well - Prateek: continuing with Issues that were recommended to be closed at F2F - Core 7: - recommended we CLOSE - Core 9: - still OPEN - Core 12: - recommended we CLOSE - Core 16: - recommended we CLOSE - Core 22: - recommended we CLOSE - Scott: there should be no QNames in our spec except for status codes - Prateek: so you're asking that we broaden the recommendation? - Scott: yes - Core 25: - recommended we CLOSE - Scott: thought we were waiting to see if anyone remembered why this was required - also need to document what Logout means without a SessionIndex, which would be to logout all sessions for principal - Core 27: - remains OPEN - Bind 3 - remains OPEN - Tech 1 - remains OPEN - Tech 3: - Recommendation is to CLOSE as long as Ron has reviewed and is ok - Tech 4 - remains OPEN - Tech 5 - remains OPEN - [MOTION] Accept all recommendation from F2F concerning Issues disposition - [VOTE] no objections, accepted - Prateek: there is an issue of progress on Conformance - Rob: OASIS rejected a message on this topic, but it has been reposted - Prateek: so there is an action already on this > > 7. Recent document updates > > < http://www.oasis-open.org/apps/org/workgroup/security/ > download.php/7379/sstc-saml-sec-consider-2.0-draft-03-diff.pdf > > < http://www.oasis-open.org/apps/org/workgroup/security/ > download.php/7339/sstc-saml-exec-overview-2.0-draft-00.pdf > > - Paul is looking for comments - Frederick also sent update to Security Considerations - folks should read & comment - Doesn't have threat analysis for attr profile or name identifier profile - if anyone has material, please contribute - Scott: can provide some bullets for name identifier profile - would like to approve this in 2 weeks > > 8. Any other business > - Prateek: looking at schedule ... - next meeting is 6 July - need all material from F2F incorporated by then - Scott: mostly mine, and will be working on that over next few days - Prateek: we may start TC Last Call on 6 July, otherwise following week - Core & Bindings seem pretty stable - a little churn in Profiles - Conformance is most at risk - will get discussion going - do we need any other docs before going to TC Last Call? - Scott: glossary? - Jeff: will try to have ready - JohnH: posted revised storyboard for Tech Overview - < http://lists.oasis-open.org/archives/security-services/ 200406/msg00076.html > - please send comments in next few days - will be writing doc based on storyboard after that - Thanks to whomever left us with hold music for the latter portion of the call! > > 9. Adjourn > - Adjourned ---------------------------------------------------------------------- Attendance of Voting Members: Conor P. Cahill AOL, Inc. Hal Lockhart BEA Rick Randall Booz Allen Hamilton Tim Alsop CyberSafe John Hughes Entegrity Solutions Paul Madsen Entrust Dana Kaufman Forum Systems Irving Reid Hewlett-Packard Company Paula Austel IBM Anthony Nadalin IBM Scott Cantor Individual Bob Morgan Individual Prateek Mishra Netegrity Frederick Hirsch Nokia John Kemp Nokia Senthil Sengodan Nokia Charles Knouse Oblix Steve Anderson OpenNetwork Darren Platt Ping Identity Jim Lien RSA Security Rob Philpott RSA Security Dipak Chopra SAP Jahan Moreh Sigaba Bhavna Bhatnagar Sun Microsystems Jeff Hodges Sun Microsystems Eve Maler Sun Microsystems Ron Monzillo Sun Microsystems Mike Beach The Boeing Company Greg Whitehead Trustgenix Attendance of Observers or Prospective Members: James Vanderbeek Vodafone Gavenraj Sodhi Computer Associates Rebekah Metz NASA Tim Moses Entrust Membership Status Changes: James Vanderbeek Vodafone - Requested prospective status 6/21/2004 Gavenraj Sodhi Computer Associates - Requested prospective status 6/22/2004 Miguel Pallares Ericsson - Lost voting status after 6/22/2004 call Jason Rouault Hewlett-Packard Company - Lost voting status after 6/22/2004 call Bhavna Bhatnagar Sun Microsystems - Beginning LOA after 6/22/2004 call -- Steve Anderson OpenNetwork To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/security-services/members/leave_workgroup.php.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]