[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: SSTC Conference Call Minutes, July 7
AI: Rick will review conformance document to ensure that requirements expressed in profile are met. AI: Prateek, Jeff, Eve, Frederick to discuss errata proposal. AI: Eve to check with Jeff on plans to update SAML Server Trust document. 1. Roll Call. Quorum present. Steve to provide attendance separately. 2. Agenda bashing -- added agenda item to discuss work item status. Several e-mails have been posted on the list. 3. Minutes accepted from previous conference call. http://lists.oasis-open.org/archives/security-services/200406/msg00091.html 4. Document review. Scott’s status message: http://lists.oasis-open.org/archives/security-services/200407/msg00017.html Scott: Meta-data document has been updated. Web SSO parts of profile document have been updated. Attribute profile component still incomplete and major work item. John Hughes: Reviewing profiles and bindings for SAML 2.0 Overview document. Rick Randall: Possibility of incorporating profile submitted on June 23rd within SAML 2.0 profile document? Rick moves: sstc-saml-x509-authn-based-attribute-protocol-profile-2.0-draft-01 be included in the SAML 2.0 profiles document. Hal seconds. Discussion: Mike McIntosh - Concern that there is a deadline for proposals and it is long past. Tony Nadalin - havent had time enough to digest proposal. Scott Cantor - concern that it is over-specific - requires attribute encryption and digital signing. Notes that the proposal does not actually add new features. Eve Maler -- viewed deadline as speaking more to new work items. Does not want to add new protocols or extend deadlines. Prateek -- What is the goal here? Is the goal to have a named profile? Rick -- Yes, we would like to have a named profile that RFP's could point to. Bob Morgan -- concern that the name Identification: urn:oasis:names:tc:SAML:2.0:profiles:x509authattributesharing is very general but the profile description is very narrow. Rick -- would changing the name URI be adequate to address this issue? Conor Cahill -- can we not progress this document independent of SAML 2.0? This could be a committee draft that appears independently and later. Frederick Hirsch -- can this not be discussed in the conformance document? Rob Philpott -- Would it be adequate if the document were progressed as a committee draft for the folks interested in the profile? Rick -- will check back with the profile proponents. Maryann Hondo -- What about getting WS-I involved? Eve Maler -- explains that SAML has a process of registering profiles and this fits well within it. Rick --- perhaps combination of conformance and committee draft status is the right fit? Frederick, Scott --- the profile would point to certain conformance criteria; this raises the issue of whether there is adequate detail in the conformance document to support this profile. Rob P. -- suggestion that the SAML 2.0 conformance document has all the knobs to support implementation of the profile. Further, profile be progressed as a committee draft within SSTC. Rick -- withdraw current motion, reflecting the sentiments of the TC. Scott -- Continued discussion of meta-data draft 184.108.40.206. Changes to treatment of encryption key descriptor from original ID-FF 1.2 submission. Other changes to meta-data includes section on meta-data signing and validation. Split up meta-data publication methods into two part. Separate schema file for Enhanced client profile also published. Rob --- Plan on track for going into last call next week. Eve Maler - based on e-mail interactions W2a, W-4 and W-9 are now considered closed. What are the other documents that need to be progressed? Rob - DIscuss remaining open work items next week. Eve -- please add agenda item next week for discussion of editorial issues. Frederick - please review security considerations with specific emphasis on SSO assertions and their role as a counter-measure. Hal -- discussion of new "one-time use" text. Scott -- intention to add new material about relationship with clock skew. Rob -- TC to review action items and send note to list about current status. Meeting Adjourned.