[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Agenda for SSTC Conference Call, July 13
Agenda for SSTC Conference Call, July 13, 2004 Dial in info: +1 865 673 6950 #351-8396 1. Roll Call 2. Accept minutes from July 6 conference call http://lists.oasis-open.org/archives/security-services/200407/msg00036.html http://lists.oasis-open.org/archives/security-services/200407/msg00030.html 3. Proposed errata process for SAML 2.0 (A) A single errata document be maintained by an Errata editor. Jahan Moreh has volunteered to fill this role (post-August 24). (B) (i) The errata document would be created once the TC had voted the specification set to committee draft status (August 3). The committee draft specification set documents should include a reference to "Errata" on the cover page, together with a URL where the document may be found. The name of the document should not be included as there cannot be substantive or normative changes to the document once it has been accepted as an OASIS standard. (ii) Simultaneously an errata document (sstc-saml-2.0-errata-00) but with no errata content be published to the SSTC web site at the designated errata URL. (C) The TC would follow its standard processes to accept errata (majority vote). The errata document would be used as the basis for revising the committee draft for final submission (September 7). It would then be versioned and reset to have no errata content. The errata document would remain live once the TC voted to submit the specification to OASIS for standardization. It would remain live until some or all of its contents were incorporated within SAML 2.1. The TC would follow its standard processes to accept errata (majority vote). 4. Motion: consider the following document set for 2-week committee last call period (includes external public review). http://www.oasis-open.org/apps/org/workgroup/security/download.php/7711/sstc -saml-core-2.0-draft-16-diff.pdf http://www.oasis-open.org/apps/org/workgroup/security/download.php/7682/sstc -saml-schema-protocol-2.0.xsd http://www.oasis-open.org/apps/org/workgroup/security/download.php/7681/sstc -saml-schema-assertion-2.0.xsd http://www.oasis-open.org/apps/org/workgroup/security/download.php/7668/sstc -saml-profiles-2.0-draft-14-diff.pdf http://www.oasis-open.org/apps/org/workgroup/security/download.php/7664/sstc -saml-metadata-2%200-draft-08-diff.pdf http://www.oasis-open.org/apps/org/workgroup/security/download.php/7663/sstc -saml-schema-metadata-2.0.xsd http://www.oasis-open.org/apps/org/workgroup/security/download.php/7615/sstc -saml-schema-ecp-2.0.xsd http://www.oasis-open.org/apps/org/workgroup/security/download.php/7582/sstc -saml-conformance-2.0-draft-01.pdf http://www.oasis-open.org/apps/org/workgroup/security/download.php/7553/sstc -saml-sec-consider-2.0-draft-04-diff.pdf http://www.oasis-open.org/apps/org/workgroup/security/download.php/7542/sstc -saml-bindings-2.0-draft-14-diff.pdf contingent on agreement that following issues and AIs can be either be closed today, do not affect this document set or can be resolved by July 20. 5. Close on remaining critical issues from latest issues document sstc-saml-2.0-issues-draft-12 includes TECH-1, BIND-4, BIND-3, CORE-9, CORE-21 6. Open action item review #0180: Does Jeff plan to update SAML server trust document? Owner: Eve Maler Status: Open Assigned: 12 Jul 2004 Due: --- Comments: ---------------------------------------------------------------------------- ---- #0179: Does conformance meet pki-cross-domain-profile-draft-01.doc requirements? Owner: Rick Randall Status: Open Assigned: 12 Jul 2004 Due: --- Comments: Prateek Mishra 2004-07-12 21:47 GMT CHeck conformance document to see if it captures the desired functionality described in this document. ---------------------------------------------------------------------------- ---- #0176: Provide sequence diagrams for profiles Owner: Jeff Hodges Status: Open Assigned: 23 Jun 2004 Due: --- Comments: Rob Philpott 2004-06-23 20:14 GMT as discussed at F2F #5. Diagram for BAP sent to list. ---------------------------------------------------------------------------- ---- #0175: Add Security Context to glossary Owner: Jeff Hodges Status: Open Assigned: 23 Jun 2004 Due: --- Comments: Rob Philpott 2004-06-23 20:12 GMT as discussed at F2F #5 ---------------------------------------------------------------------------- ---- #0174: Document values for DCE attribute names Owner: Scott Cantor Status: Open Assigned: 23 Jun 2004 Due: --- Comments: Rob Philpott 2004-06-23 20:09 GMT document the well-known values for the DCE attribute ---------------------------------------------------------------------------- ---- #0172: need text for syntax of attr values in LDAP/X.500 profile Owner: Bob Morgan Status: Open Assigned: 23 Jun 2004 Due: --- Comments: Rob Philpott 2004-06-23 20:05 GMT Discussed at f2f#5: RLBob to review & propose text for handling syntax of attr values in LDAP/X.500 profile. ---------------------------------------------------------------------------- ---- #0170: Move Authn Context Declarations to XML Schema-centric approach Owner: John Kemp Status: Open Assigned: 23 Jun 2004 Due: --- Comments: Rob Philpott 2004-06-23 16:06 GMT JohnK and Scott to move Authn Context Declarations to XML Schema-centric approach. ---------------------------------------------------------------------------- ---- #0166: Investigate use of Wiki from teh web site Owner: Scott Cantor Status: Open Assigned: 22 Jun 2004 Due: --- Comments: Rob Philpott 2004-06-22 16:40 GMT Scott will investigate the establishment of a wiki for SSTC use to be linked from the SSTC web site. ---------------------------------------------------------------------------- ---- #0165: Propose errata process for 2.0 specs Owner: Prateek Mishra Status: Open Assigned: 22 Jun 2004 Due: --- Comments: Rob Philpott 2004-06-22 16:38 GMT By the time we complete the 2.0 specs, we need an approved process for collecting and dealing with errata for the specs. Hal recommended looking at the XACML process. ---------------------------------------------------------------------------- ---- #0163: Need process for submission of profiles/authn context classes, etc. Owner: Rob Philpott Status: Open Assigned: 22 Jun 2004 Due: --- Comments: Rob Philpott 2004-06-22 16:29 GMT On the web site, we need to state what the process is for submitting and dealing with additional authn context classes, new profile documents, etc. Rob Philpott 2004-06-23 16:03 GMT Note that this is different from AI 164 for SCott and John K to propose text within the spec documents that points to the web site. ---------------------------------------------------------------------------- ---- #0160: Separate Privacy concerns language from Element/Attribute descriptions Owner: Prateek Mishra Status: Open Assigned: 30 Apr 2004 Due: --- Comments: Prateek Mishra 2004-04-30 18:14 GMT Jeff H - We need to highlight privacy considerations related to core, could be notes in core, could be section. *** AI: Prateek - will generate list potential changes from core ---------------------------------------------------------------------------- ---- #0158: Propose changes to definition of Federation in glossary Owner: Prateek Mishra Status: Open Assigned: 30 Apr 2004 Due: --- Comments: ---------------------------------------------------------------------------- ---- #0157: Define Binding and Profile in Glossary Owner: Jeff Hodges Status: Open Assigned: 30 Apr 2004 Due: --- Comments: Prateek Mishra 2004-04-30 18:10 GMT o "atomic unit of interoperability" proposed ---------------------------------------------------------------------------- ---- #0144: Explain optional subject decision Owner: Eve Maler Status: Open Assigned: 29 Apr 2004 Due: --- Comments: Prateek Mishra 2004-04-29 21:51 GMT *** AI: Eve: Optional subject implemented in core spec prose. Schema shows that subject is optional. o Eve: Has wanted to create a rationale for some of the decisions made on spec. Decision on subject less statements is a good example of what needs to be documented. Making an explicit design decision that is not really explicit on. By choosing to add prose to core spec we're making a stealth abstract profile (generic design decision) that applies to all explicit profiles. o Scott: data model (design) decision to require subjects in all SAML statements. ---------------------------------------------------------------------------- ---- #0132: Text to explain privacy reqts when using certain NameFormat values Owner: John Kemp Status: Open Assigned: 13 Apr 2004 Due: --- Comments: ---------------------------------------------------------------------------- ---- #0131: Migration document describing changes to subject in SAML 2.0 Owner: Jeff Hodges Status: Open Assigned: 13 Apr 2004 Due: --- Comments: Prateek Mishra 2004-04-13 04:31 GMT Explain how treatment of subjects have changed in going from SAML 1.X to SAML 2.0. This might be an action for Scott? ---------------------------------------------------------------------------- ---- #0125: Propose language to explain that AuthNResponse may contain attribute statements Owner: Prateek Mishra Status: Open Assigned: 16 Feb 2004 Due: --- Comments: Prateek Mishra 2004-02-16 14:46 GMT Easy to do but needs proposal on validity of assertion life-times as well. ---------------------------------------------------------------------------- ---- #0123: Obtain MIME type registration for HTTP lookup of SAML Owner: Jeff Hodges Status: Open Assigned: 13 Feb 2004 Due: ---
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]