Anthony Nadalin | work 512.838.0085 | cell 512.289.4122
"Philpott, Robert" <rphilpott@rsasecurity.com>[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] Agenda for 17-Aug-2004 SSTC con-call
Would like to discuss (1) Interop and (2) contribution lists before the vote
Anthony Nadalin | work 512.838.0085 | cell 512.289.4122
"Philpott, Robert" <rphilpott@rsasecurity.com>
08/16/2004 04:47 PM |
|
1. Approve minutes from 10-Aug con-call:
· http://lists.oasis-open.org/archives/security-services/200408/msg00100.html
2. Discussion on optional SP support for SLO over SOAP
3. Vote on CD status:
· Note that the files currently in the repository will be edited one final time to rename them and fix their “Status” paragraphs. We will include any additional edits agreed to during this con-call.
· A zip file containing all PDF’s and schema files is at:
Report created 16 August 2004 05:46pm EDT
#0183: Comment s solicited on John Linn response to Thomas Gross paper
Owner: Prateek Mishra
Status: Open
Assigned: 23 Jul 2004
Due: 23 Jul 2004
Comments:
Rob Philpott 2004-07-23 17:10 GMT
Per 20-July con-call: Prateek (by July 23) to comment on the draft of John Linn's draft of our response to the Thomas Gross security analysis.
#0179: Does conformance meet pki-cross-domain-profile-draft-01.doc requirements?
Owner: Rick Randall
Status: Open
Assigned: 12 Jul 2004
Due: ---
Comments:
Prateek Mishra 2004-07-12 21:47 GMT
CHeck conformance document to see if it captures the desired functionality described in this document.
#0144: Explain optional subject decision
Owner: Eve Maler
Status: Open
Assigned: 29 Apr 2004
Due: ---
Comments:
Prateek Mishra 2004-04-29 21:51 GMT
*** AI: Eve: Optional subject implemented in core spec prose. Schema shows that subject is optional.
o Eve: Has wanted to create a rationale for some of the decisions made on spec. Decision on subject less statements is a good example of what needs to be documented. Making an explicit design decision that is not really explicit on. By choosing to add prose to core spec we're making a stealth abstract profile (generic design decision) that applies to all explicit profiles.
o Scott: data model (design) decision to require subjects in all SAML statements.
Rob Philpott 2004-07-20 02:05 GMT
13-Jul con-call minutes note that the issue should be closed. and that Eve "may work on commentary".
Rob Philpott 2004-07-23 17:02 GMT
20July con-call:
Eve: The thought here was that we may have an optional post-V2.1 deliverable that explains the "XML rationales" for various things.
JohnK: But there are selected places in the actual specs where it would be helpful; he has suggested these. Eve: Let's treat these comments one by one, then.
Rob Philpott 2004-08-03 05:35 GMT
27-Jul: Per SSTC call: Still open. Deferred to post SAML 2.0
#0166: Investigate use of Wiki from teh web site
Owner: Scott Cantor
Status: Open
Assigned: 22 Jun 2004
Due: ---
Comments:
Rob Philpott 2004-06-22 16:40 GMT
Scott will investigate the establishment of a wiki for SSTC use to be linked from the SSTC web site.
Rob Philpott 2004-08-03 21:49 GMT
6-Jul: Per AI update from Scott:
Not high priority, but I think Internet2 can host this at some point with
the OpenSAML site.
#0163: Need process for submission of profiles/authn context classes, etc.
Owner: Rob Philpott
Status: Open
Assigned: 22 Jun 2004
Due: ---
Comments:
Rob Philpott 2004-06-22 16:29 GMT
On the web site, we need to state what the process is for submitting and dealing with additional authn context classes, new profile documents, etc.
Rob Philpott 2004-06-23 16:03 GMT
Note that this is different from AI 164 for SCott and John K to propose text within the spec documents that points to the web site.
#0180: Need to update SAML server trust document
Owner: Jeff Hodges
Status: Open
Assigned: 12 Jul 2004
Due: ---
Comments:
Rob Philpott 2004-07-20 01:59 GMT
Original AI was for Eve to follow up with Jeff to determine whether he would be updating this doc. That was done.
Discussion of this AI on 13-Jul indicates that the update will be a post 2.0 deliverable. Reassigned AI to Jeff for now.
#0123: Obtain MIME type registration for HTTP lookup of SAML
Owner: Jeff Hodges
Status: Open
Assigned: 13 Feb 2004
Due: ---
Comments:
Rob Philpott 2004-06-23 15:29 GMT
Attached is the initial rev of an I-D seeking to register the MIME media type
"application/saml+xml". Please review.
I've pinged the I-D editor to request a filename for the doc, I'll submit it to
both the I-D editor and the SSTC doc repository once that's finalized (std
procedure for I-Ds).
In concocting this draft, I've noted that MIME media type registrations aren't
necessarily the simple little registration exercise I'd thought they were. They
(the ietf-types@iana.org denizens) may desire more content, e.g. sec
considerations, in this doc. We'll see. Nominally, I think it's "good enough"
as is, especially since the SAML spec sets have thorough sec considerations
sections and I've referenced said spec sets carefully. Anyway, we'll see.
Also, I based this on a draft registration for application/rdf+xml. In that
draft, Aaron Schwartz claimed an optional parameter of "charset", and indicated
that the considerations thereof are the same as for "application/xml" (as
documented in http://www.ietf.org/rfc/rfc3023.txt). Additionally, he did the
same thing for the "encoding considerations", i.e. said they were the same as
for "application/xml". So, without excrutiating research, I did the same thing
in this draft. fwiw/fyi.
anyway, lemme know whatcha think.
thanks,
JeffH
Rob Philpott 2004-08-03 05:33 GMT
27-Jul: * Scott – we need to do one for metadata as well. Roll the metadata one into AI #123.
#0158: Propose changes to definition of Federation in glossary
Owner: Prateek Mishra
Status: Open
Assigned: 30 Apr 2004
Due: ---
Comments:
Rob Philpott 2004-07-23 17:05 GMT
20-July: Still open. Prateek will send thoughts to the list.
#0176: Provide sequence diagrams for profiles
Owner: Jeff Hodges
Status: Open
Assigned: 23 Jun 2004
Due: ---
Comments:
Rob Philpott 2004-06-23 20:14 GMT
as discussed at F2F #5.
Diagram for BAP sent to list.
Rob Philpott 2004-07-23 17:03 GMT
20-July: Jeff - Will finish this week.
#0184: Send SSTC response to Thomas Grss paper to the author
Owner: Prateek Mishra
Status: Open
Assigned: 23 Jul 2004
Due: ---
Comments:
Rob Philpott 2004-07-23 17:11 GMT
Per 20-July con-call: AI: ultimately to provide a formal response to Thomas Gross.
#0160: Separate Privacy concerns language from Element/Attribute descriptions
Owner: Prateek Mishra
Status: Open
Assigned: 30 Apr 2004
Due: ---
Comments:
Prateek Mishra 2004-04-30 18:14 GMT
Jeff H - We need to highlight privacy considerations related to core, could be notes in core, could be section.
*** AI: Prateek - will generate list potential changes from core
Rob Philpott 2004-07-23 17:05 GMT
20-July: Still open. Eve: Note that the explanation of constraints on session indexes now includes a rationale along these lines.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
