[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Agenda for 31-Jan SSTC con-call
Good catch - sorry - Here's the link to Ashish's doc: http://www.oasis-open.org/apps/org/workgroup/security/download.php/16297/draft-saml-shared-credential-discussion-01.doc
Rob Philpott Senior Consulting Engineer RSA Security Inc. Tel: 781-515-7115 Fax: 781-515-7020 Email: rphilpott@rsasecurity.com I-name: =Rob.Philpott > -----Original Message----- > From: Paul Madsen [mailto:paulmadsen@rogers.com] > Sent: Monday, January 30, 2006 11:57 AM > To: > Cc: Ashish Patel > Subject: Re: [security-services] Agenda for 31-Jan SSTC con-call > > Hi Rob, the link under Ashish's name below points to Scott's Extensions > document rather than the Shared Credential proposal document > > Paul > > > > > > Dial in info: +1 865 673 6950; Access code: 270-9441# > > > > FYI - Spam on public comment distribution list has been reported to > > OASIS and they are working on it. > > > > 1. Roll call > > 2. Approve minutes from 17-Jan SSTC con-call > > * Re: [security-services] Draft minutes for 17 January 2006 > > SSTC telecon, with attendance data > > <http://lists.oasis-open.org/archives/security- > services/200601/msg00040.html>**** > > * **Attendance correction noted at: **Re: > > [security-services] Draft minutes for 17 January 2006 > > SSTCtelecon, with attendance data (correction) > > <http://lists.oasis-open.org/archives/security- > services/200601/msg00045.html> > > 3. Heads up: New IBM research report on security of SAML 2.0 > > * Main focus is on use of artifact binding with web SSO > > * IBM has requested a meeting with SSTC to discuss findings > > and proposals > > * Chairs will set up meeting and have asked IBM to provide > > paper to TC > > 4. Constrained Delegation (saml-dev discussion thread continued on > > main list): > > * ScottC: RE: [saml-dev] Constrained delegation > > <http://lists.oasis-open.org/archives/saml- > dev/200601/msg00009.html> > > * PrateekM: Re: [security-services] FW: [saml-dev] > > Constrained delegation > > <http://lists.oasis-open.org/archives/security- > services/200601/msg00046.html>**** > > * **ConorC: RE: [security-services] FW: [saml-dev] > > Constrained delegation > > <http://lists.oasis-open.org/archives/security- > services/200601/msg00047.html>****** > > * **ScottC: RE: [security-services] FW: [saml-dev] > > Constrained delegation > > <http://lists.oasis-open.org/archives/security- > services/200601/msg00048.html>****** > > 5. **Potential Errata in Conformance for SAML Authority & > > Requester****** > > * **TomW: RE: [security-services] SAML Authority and > > Requester Conformance question > > <http://lists.oasis-open.org/archives/security- > services/200601/msg00041.html>****** > > 6. **AshishP: Shared credential draft document****** > > * draft-saml-protocol-ext-01.pdf > > <http://www.oasis- > open.org/apps/org/workgroup/security/download.php/15207/draft-saml- > protocol-ext-01.pdf> > > 7. saml-dev discussion re: “strongly matches” > > * TomS and ScottC: RE: [saml-dev] strongly matches > > <http://lists.oasis-open.org/archives/saml- > dev/200601/msg00011.html>**** > > 8. **AI Review (attached)****** > > 9. Any Other Business? > > 10. Adjourn > > > > --------------- > > > > #0247: As per 17-Jan call: Prateek has received some feedback on the > > constrained delegation profile and will produce a revision next week. > > > > Owner: Prateek Mishra > > > > <New AI> > > > > --------------- > > > > #0243: Clean up text in Section 3.3.2.2.1 (RequestedAuthNContext) > > > > Owner: Scott Cantor > > > > <New AI> > > > > --------------- > > > > #0246: revise the PE 10 wording proposal "clarifying that anyURI is > > indeed the right interpretation" for the Reason attribute. > > > > Owner: Jahan Moreh > > > > <New AI> > > > > --------------- > > > > #0180: Need to update SAML server trust document > > > > Owner: > > > > 30-Aug: Jeff will not have time anytime soon to update the draft that > > was posted. It was suggested that the info in the doc is useful, so > > the AI is being left open in the hope that someone will volunteer in > > the near future to take over as editor. > > > > --------------- > > > > #0234: Nick to prepare some text for PE 23. > > > > Owner: Nick Ragouzis > > > > --------------- > > > > #0245: Per 17-Jan con-call: Greg W. to propose some clarifying text > > for the attribute profile section re: the issues discussed on the call. > > > > Owner: Greg Whitehead > > > > <New AI> > > > > --------------- > > > > #0244: Per 17-Jan con-call: Tom W. to send out a suggestion for > > shoring up the conformance language to clear up the > > requester/responder mismatch. > > > > Owner: Thomas Wisniewski > > > > <New AI> > > > > --------------- > > > > #0238: Plan for red-line versions of SAML 2.0 > > > > Owner: Eve Maler > > > > Per 8-Nov con-call: Eve-supposed to research on whether this was OK, > > she thinks OASIS said yes. CYA notification as to non-normative vs > > normative. Just haven't found the time. Keep my name on AI with speed > > caveat. Scott- I will help (if necessary) > > > > #0242: Recommended text for SAML Attr Sharing Profile > > > > Owner: Rob Philpott > > > > --------------- > > > > #0230: SAML Conformance SSL/TLS requirements > > > > Owner: Eric Tiffany > > > > Eric is concerned because implementation will be able to run over TLS, > > but spec actually says you must implement TLS. > > > > --------------- > > > > #0240: Status of SAML 2.0 submission to ITU T > > > > Owner: Olivier Dubuisson > > > > Per 17-Jan-06 con-call: > > Abbie has asked Eve for help filling out a form having to do with > > > > this. > > > > Per 18-Jan email: Reassigned to Olivier Dubuisson > > Olivier (and Abbie) - working the issue w/ITU-T. Olivier will just > > need help from Eve in working the > > > > --------------- > > > > -- > Paul Madsen e:paulmadsen @ ntt-at.com > NTT p:613-482-0432 > m:613-302-1428 > aim:PaulMdsn5 > > |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]