OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: SSTC Focus Call Minutes, Augiust 24

 

Rob Philpott
Prateek Mishra
Scott Cantor
Tony Nadalin
Paula Austel
Cameron Morris
Ari Kermaier
Dana Kaufman
Bhavna Bhatnagar
Scott Keister
Abby Barbir
Bob Morgan
Frederick Hirsch
Steve Anderson

1. Discussion on 
Server-Side State and Stateful Sessions 
http://lists.oasis-open.org/archives/security-services/200408/msg00161.html 

Prateek: Feels that issue has been settled via messages from Scott, Mike Beach, Conor.

Scott: Likes Mike Beach message, wonders if some language could be added to soften some
of the language concerning session invalidation.

http://lists.oasis-open.org/archives/security-services/200408/msg00173.html

Rob: bring to attention of full call next week, if people are interested they can propose
changes.


2. Editors will pick up non-normative changes and add to draft. Normative changes to be
identified by an editor per document and brought forward for TC vote. We will discuss
appropriate naming of documents with Eve.

3. Bob Morgan and Steve Cantor comment on:

http://lists.oasis-open.org/archives/security-services/200408/msg00180.html

Suggests that 

(1) the encoding be placed on the attribute value rather than the attribute.

(2) Rather than explicitly list the syntaxes whose values are encoded
as xsd:string, I suggest that you have this case apply to any
directory attribute with a syntax whose LDAP-specific encoding
exclusively produces UTF-8 character strings. This will also
capture all the new directory attribute syntaxes with UTF-8 string
LDAP-specific encodings that are currently in the works.

The above syntaxes can then be listed as examples, e.g. "The following
syntaxes from RFC 2252 have LDAP-specific encodings that always produce
UTF-8 character strings:".

Bob Morgan to formally respond and propose normative changes in response.


4. John de Freitas COmment
http://lists.oasis-open.org/archives/security-services/200408/msg00181.html

Scott Cantor to respond to note. Most significant comment is about encryption
and whether we want to profile XML-ENC.

Tony, Scott, Prateek, Frederick: Is there a need for MTI advice or even profiling
of XML-ENC and XML-SIG?

General discussion. Group leans away from profiling and towards MTI of a few features.
Frederick to get it started with a message summarizing some of the relevant fields.

5. Rob P: minor fix needed in sstc-saml-schema-dce-2.0.xsd

UTF-8 vs. US ASCII encoding

Scott Cantor to make proposal.

6. Prateek: DEFLATE encoding as MTI?

http://lists.oasis-open.org/archives/security-services/200408/msg00189.html

No dissent.

7. Scott: Schema errors in CD

http://lists.oasis-open.org/archives/security-services/200408/msg00190.html

Scott will update schema files with proposed changes.

8. Does encryption need to be called out as MTI?

http://lists.oasis-open.org/archives/security-services/200408/msg00191.html

Scott points out that he had brought up this issue earlier, no dissent.


9. Sections 8.2 and 8.4 as MTI?

http://lists.oasis-open.org/archives/security-services/200408/msg00194.html

No dissent.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]