OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: SSTC Focus Call Minutes, Augiust 24


Rob Philpott
Prateek Mishra
Scott Cantor
Tony Nadalin
Paula Austel
Cameron Morris
Ari Kermaier
Dana Kaufman
Bhavna Bhatnagar
Scott Keister
Abby Barbir
Bob Morgan
Frederick Hirsch
Steve Anderson

1. Discussion on 
Server-Side State and Stateful Sessions 

Prateek: Feels that issue has been settled via messages from Scott, Mike Beach, Conor.

Scott: Likes Mike Beach message, wonders if some language could be added to soften some
of the language concerning session invalidation.


Rob: bring to attention of full call next week, if people are interested they can propose

2. Editors will pick up non-normative changes and add to draft. Normative changes to be
identified by an editor per document and brought forward for TC vote. We will discuss
appropriate naming of documents with Eve.

3. Bob Morgan and Steve Cantor comment on:


Suggests that 

(1) the encoding be placed on the attribute value rather than the attribute.

(2) Rather than explicitly list the syntaxes whose values are encoded
as xsd:string, I suggest that you have this case apply to any
directory attribute with a syntax whose LDAP-specific encoding
exclusively produces UTF-8 character strings. This will also
capture all the new directory attribute syntaxes with UTF-8 string
LDAP-specific encodings that are currently in the works.

The above syntaxes can then be listed as examples, e.g. "The following
syntaxes from RFC 2252 have LDAP-specific encodings that always produce
UTF-8 character strings:".

Bob Morgan to formally respond and propose normative changes in response.

4. John de Freitas COmment

Scott Cantor to respond to note. Most significant comment is about encryption
and whether we want to profile XML-ENC.

Tony, Scott, Prateek, Frederick: Is there a need for MTI advice or even profiling

General discussion. Group leans away from profiling and towards MTI of a few features.
Frederick to get it started with a message summarizing some of the relevant fields.

5. Rob P: minor fix needed in sstc-saml-schema-dce-2.0.xsd

UTF-8 vs. US ASCII encoding

Scott Cantor to make proposal.

6. Prateek: DEFLATE encoding as MTI?


No dissent.

7. Scott: Schema errors in CD


Scott will update schema files with proposed changes.

8. Does encryption need to be called out as MTI?


Scott points out that he had brought up this issue earlier, no dissent.

9. Sections 8.2 and 8.4 as MTI?


No dissent.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]